Security
Ethereum advances with standards for smart contract security audits
The Ethereum ecosystem continues to witness a flurry of activity that has individuals and organizations deploying token contracts, adding liquidity to pools and deploying smart contracts to support a wide range of business models. While notable, this growth has also been riddled with security exploits, leaving decentralized finance (DeFi) protocols vulnerable to hacks and scams. For instance, recent findings from crypto intelligence firm Chainalysis show that crypto-related hacks have increased by 58.3% from the beginning of the year through July 2022. The report further notes that $1.9 billion has been lost to hacks during this timeframe — a figure that doesn’t include the $190 million Nomad bridge hack that occurred on August 1, 2022. Although open source code may be beneficial for...
Malware That Can Take Over Computers is Skyrocketing in Africa
Sourced from Tech Advisor According to data collected by Russia-based cybersecurity provider Kaspersky, the number of backdoor computer malware detected in Q2 2022 for corporate users in South Africa, Kenya and Nigeria has significantly increased compared to the previous quarter. Currently, numbers are hitting new records and posing challenges to cybersecurity professionals in enterprise and government agencies. “Backdoors enable a series of long unnoticed cyberespionage campaigns, which result in significant financial or reputational losses and may disrupt the victim organisation’s operations. Corporate systems should be constantly audited and carefully monitored for hidden threats,” comments Dr Amin Hasbini, Head of Global Research and Analysis Team (GReAT), Middle East, Türkiye and Afri...
7 Vital Online Gaming Safety Tips for Kids & Adults
Sourced from LearnBonds. Following the recent leakage revealing how hyper-popular game Roblox moderates content, cybersecurity experts from antivirus provider Kaspersky has shared a few insights on what cyber threats can harm users, and especially children, in the online gaming space and how these users can protect themselves. The leaked documents give insight into the targeting of children by predators on the platform and how the platform attempts to fight child grooming. Additionally, one issue identified in the documents is that although Roblox’s systems scan 100 percent of submitted abuse reports, only around 10 percent of those are actionable. This suggests that even on a gaming platform, where content is moderated, there remain a large number of risks for children when they game onli...
Cross-chains in the crosshairs: Hacks call for better defense mechanisms
2022 has been a lucrative year for hackers preying on the nascent Web3 and decentralized finance (DeFi) spaces, with more than $2 billion worth of cryptocurrency fleeced in several high-profile hacks to date. Cross-chain protocols have been particularly hard hit, with Axie Infinity’s $650 million Ronin Bridge hack accounting for a significant portion of stolen funds this year. The pillaging continued into the second half of 2022 as cross-chain platform Nomad saw $190 million drained from wallets. The Solana ecosystem was the next target, with hackers gaining access to the private keys of some 8000 wallets that resulted in $5 million worth of Solana (SOL) and Solana Program Library (SPL) tokens being pilfered. deBridge Finance managed to sidestep an attempted phishing attack on Monday, Aug....
88% of Nomad Bridge exploiters were ‘copycats’ — Report
Close to 90% of addresses taking part in the $186 million Nomad Bridge hack last week have been identified as “copycats,” making off with a total of $88 million worth of tokens on Aug. 1, a new report has revealed. In an Aug. 10 Coinbase blog, authored by Peter Kacherginsky, Coinbase’s principal blockchain threat intelligence researcher, and Heidi Wilder, a senior associate of the special investigations team, the pair confirmed what many had suspected during the bridge hack on Aug. 1 — that once the initial hackers figured out how to extract funds, hundreds of “copycats” joined the party. Source: Coinbase According to the security researchers, the “copycat” method was a variation of the original exploit, which used a loophole in Nomad’s smart contract, allowing users to extract...
Cybersecurity: Africa’s SEACOM Joins Forces with British Telecommunications
SEACOM acquires Africell Uganda Assets to Continue Expanding its East African Footprint African cable system firm SEACOM and British Telecommunications (BT) today announced a strategic partnership which will provide SEACOM with BT cybersecurity systems in order to further secure its own infrastructure and deliver new networking, security and communications solutions to enterprise customers in Africa. As a leading Internet connectivity supplier that owns Africa’s most extensive ICT infrastructure, SEACOM will be leveraging BT’s services, vendor relationships and global expertise to expand its portfolio of services aimed at African businesses. SEACOM’s customers are set to benefit from access to BT’s Cloud Security Incident Event Management (SIEM) platform. In today’s business environment da...
The Crypto Collapse & Rising DDoS Smart Attacks
Image sourced from Shutterstock. During Q2 2022, Distributed Denial of Service (DDoS) attacks reached a new level as the share of smart attacks and average duration saw steep increases. Compared to the previous year, the average duration of a DDoS attack rose 100 times, reaching 3,000 minutes. The share of smart attacks almost broke the four-year record, accounting for nearly 50% of the total. Experts also expect an increase in overall DDoS activity, especially with the recent collapse of cryptocurrency. These and other findings are part of a quarterly DDoS report issued by Kaspersky. A Distributed Denial of Service (DDoS) attack is designed to hinder the normal functioning of a website or crash it completely. During an attack (which usually targets government institutions, retail or ...
Phising Scams Surge 234% in Africa, Especially in Tech Powerhouses
Image sourced from NorthJersey.com New data from Russia-based cybersecurity firm Kaspersky reveals that the prevalence of phishing and social engineering scams has increased significantly in Africa in Q2 2022 in comparison with the previous quarter. The company’s security solutions detected 10,722,886 phishing attacks in Africa in Q2, showing a 234% increase from the previous quarter. Tech powerhouses across Africa have seen the highest amount of growth in scams. Kenyan users have been influenced the most by this type of threat: there were 5,098,534 phishing attacks detected in 3 months – a growth of 438% when compared to the previous quarter. It was followed by South Africa (4,578,216 detections and a growth of 144%) and Nigeria (1,046,136 detections and a growth of 174%). In particular, ...
The worst places to keep your crypto wallet seed phrase
Under the mattress, in the seams of a piece of luggage or even rolled into a cigar, what are the worst and best ways for keeping a seed phrase safe? The key to unlocking and recovering cryptocurrency, a seed phrase, should be secured and safe. Especially now that prices are low and the crypto tourists have checked out, it might be time for a crypto security spring clean. Security starts with a seed phrase, sometimes called a recovery phrase. There’s no denying it: Bitcoin and the crypto space writ large are in the clutches of a bear market. Since Do Kwon’s Terra experiment went up in smoke, a crypto contagion has choked the most reputable of exchanges, causing many self-sovereignty advocates to chant, “not your keys, not your coins.” Indeed, hardly a day goes by that another “trusted...
Why the Healthcare Sector Must Prioritise Modern Data Protection
Image sourced from Healthcare Finance. The pandemic has put a significant strain on all industry sectors none more so than in healthcare where there was a need to adopt more data-driven planning and decision-making at lightning speed. At a time when expanding remote care, telemedicine, and m-health initiatives have become the order of the day, the spotlight has turned to the safeguarding of sensitive information at a scale comparable to the financial services sector. This is for good reason. According to the ‘Veeam Top Trends in Data Protection, Healthcare Edition 2022’ report, 76% of global healthcare organisations had at least one ransomware attack in the last year. This has contributed to an almost 5% increase in data protection budgets that include backup, business continuity, and disa...
Public Sector Cybersecurity Summit 2022 – 10 Topics to Look Out For
The Public Sector Cybersecurity Summit hosted by IT News Africa on the 2nd and 3rd of August 2022. Sign up here: https://itnewsafrica.com/event/event/public-sector-cybersecurity-summit-2022/ If your public organisation is digitally connected then you cannot afford to miss the Public Sector Security Summit 2022 (#PubliSec2022), to be held on 2nd and 3rd August 2022. Cybercriminals are only becoming more advanced, and more dangerous with attacks costing government organisations worldwide millions if not billions. This world-class event will allow you to learn from local and international case studies and hear from public sector security experts, enabling you to bolster cyber security within your public organisation, all from the comfort of your home or office. Attendees who sign up ...
Ethereum will outpace Visa with zkEVM Rollups, says Polygon co-founder
zkEVM Rollups, a new scaling solution for Ethereum, will allow the smart contract protocol to outpace Visa in terms of transaction throughput, said Polygon co-founder Mihailo Bjelic in a recent interview with Cointelegraph. Polygon recently claimed to be the first to implement a zkEVM scaling solution, which aims at reducing Ethereum’s transaction costs and improving its throughput. This layer-2 protocol can bundle together several transactions and then relay them to the Ethereum network as a single transaction. The solution, according to Bjelic, represents the Holy Grail of Web3 as it offers security, scalability and full compatibility with Ethereum, which means developers won’t have to learn a new programing language to work with it. “When you launch a scaling solution,...
