05 Sep 2022

Binance Identifies Suspects Who Stole From KyberSwap Whales

Binance may have helped crack last week’s $265,000 hack on decentralized exchange (DEX) platform KyberSwap. Binance CEO Changpeng Zhao said on Saturday that his exchange’s security team identified two suspects behind the attack, and that their identities have been forwarded to the KyberSwap team. On Sept. 1, KyberSwap issued an alert to

Read More
05 Aug 2022

Nomad and Solana hacks: what are the lessons for cryptocurrency investors?

Web3 adoption seem inevitable, but so does the increase in security issues and hacks. What are the main factors causing this? The high rate of innovation in the crypto world and the frequent software upgrades of the multi-chain world look like they will inevitably introduce more vulnerabilities. We need to

Read More
05 Aug 2022

4 things to learn from the embarrassing Slope hack on Solana

Now we know: The hack that drained thousands of user wallets (more than 8,000 at writing time) on cryptocurrency platform Solana wasn’t a result some sort of wide-ranging system failure. It was very likely due to egregiously bad security practices by cryptocurrency wallet provider Slope. According to security company Otter, the

Read More
04 Aug 2022

Is Solana Initiating Recovery Plan After Major Hack?

The global digital asset industry woke to another hacking incident in just two days. This time Solana (SOL) network came on the radar of the hackers. SOL prices have dropped by over 5% since the news broke out. As per reports, around $8 million have been removed from more than 7500

Read More
19 May 2022

Recovering from a cybersecurity earthquake: The lessons organizations must learn

It’s been over a year since the SolarWinds supply chain hack sent shockwaves through thousands of organizations worldwide, but this cybersecurity earthquake is by no means over. More recently we’ve seen aftershocks fueled by the Log4Shell and Spring4Shell vulnerabilities, which impacted organizations using the Log4j library and the Spring Core

Read More
20 Apr 2022

Security Lessons From a Payment Fraud Attack

On April 10, 2020, Atlanta-based fintech firm Brightwell was navigating more than the deadly COVID-19 pandemic. It all started with a series of customer phone calls. That morning sometime between 7 a.m. and 8 a.m., Brightwell received word from the customer service team that customers called to complain about missing funds,

Read More
07 Feb 2022

What your organization can learn from the $324 million Wormhole blockchain hack

Those following the tech world have probably heard about the recent hack of blockchain bridging service Wormhole that has amounted to the fourth-largest crypto theft, and second-largest De-Fi theft, ever. The attacker who found the exploit created 120,000 Ethereum out of nothing and made off with about $324 million of

Read More
22 Oct 2015

10 Red Teaming Lessons Learned Over 20 Years

I’ve been a red teamer for twenty years now, perhaps even longer, but I didn’t know what to call it until 1995 when I started working with the Department of Defense. I’ve also been fortunate to participate in or lead hundreds of red teams within many divergent disciplines ranging from

Read More