Month: March 2018

15 year old security researcher Saleem Rashid discovered a flaw in cryptocurrency hardware wallets made by Ledger, a French company whose popular products are designed to physically safeguard public and private keys used to receive or spend the user’s cryptocurrencies.

The root cause is that the Ledger devices use a secure processor chip and a non-secure microcontroller chip. An attacker could compromise the insecure processor.

Ledger released a patch on March 6, 2018 to address vulnerability, and Eric Larchevêque, Ledger’s CEO, stated that the company hadn’t received any reports of hackers actually accessing the crypto keys.

Read more about it here.

On February 28, 2018, popular source code hosting web site GitHub was hit by the largest-ever distributed denial of service (DDoS) attack, that peaked at 1.35 Tbps. The attack abused servers running Memcached, an open source distributed memory object caching system. The attack was an amplification attack, where the attacker sends a request of a few bytes to the target server, causing the server to respond with a much larger response, up to 51,200 times larger.

The Github website is protected by the anti-DDoS service provided Akamai.

Read more about it here.