Weekly Axis Of Easy #14
In this issue:
- Cops: “You cannot hide on the Dark Web”
- gSOAP security flaw puts millions of IoT devices at risk
- Cisco fixes critical, remote vulnerability in Webex
- Bitcoin nears all time highs as scaling issues resolved
AlphaBay and Hansa, two of the largest “dark web” marketplaces have been seized and shutdown after an international investigation. Dark Web marketplaces, such as that pioneered by the now defunct Silk Road, are places where one can purchase illicit drugs, hacked credentials and who knows what else. The Hansa site was seized and operated for a full month by law enforcement who covertly monitored the site’s activity before pulling the plug.
A manufacturer of high-end security cameras discovered a remotely exploitable flaw in the gSOAP library, an open source toolkit (which my device just auto-corrected as “toilet”) used in numerous Internet Of Things (IoT) devices.
While Axis Communications, the company who discovered the bug, and Genivia, the company that maintains gSOAP have patched their implementations, experts warn that many IoT manufacturers may never “get the memo” about this, leaving literally 10’s of millions of IoT devices vulnerable. Mirai 2.0 anybody?
Cisco has issued a patch for Webex, the widely used video conferencing suite. The flaw allows an attacher remotely execute code on the victims machine and affects Chrome and Firefox browsers running on Windows.
William Gibson once described a futuristic cyberpunk environ as a place where “someone was permanently holding down the fast-forward button”. I always thought this image was very apt for the Bitcoin and blockchain spaces. Secular shifts, which would take years to play out in any other endeavour, happen in weeks.
Last week, the Bitcoin price was in a bear-market. Bitcoin was looking at a hard fork into two separate blockchains as soon as August 1st and the uncertainty was taking its toll. Now it’s challenging all-time highs as the “Big Blockers vs Small Blockers” schism was resolved with the majority of miners (97% of the total hashing power) signalling “BIP91”, moving Bitcoin to “Segregated Witness” and avoiding the split.
Here’s a good primer on the topic.