Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: Attackers are using links to the popular Google scheduling app to lead users to pages that steal credentials, with the ultimate goal of committing financial fraud.
December 18th, 2024 (6 months ago)
|
|
|
Description: Good Samaritan Health Center of Cobb Has Been Claimed a Victim to Qilin Ransomware
December 18th, 2024 (6 months ago)
|
|
|
Description: National Atomic Energy Commission Has Been Claimed a Victim to Money Message Ransomware
December 18th, 2024 (6 months ago)
|
|
|
Description: A Threat Actor Claims to be Selling Access to an Unidentified Law Company in UK
December 18th, 2024 (6 months ago)
|
|
|
Description: A Threat Actor Claims to be Selling Data of VPbet
December 18th, 2024 (6 months ago)
|
|
|
Description: ​Recorded Future, an American threat intelligence company, has become the first cybersecurity firm designated by the Russian government as an "undesirable" organization. [...]
December 18th, 2024 (6 months ago)
|
|
|
Description: A Threat Actor Claims to be Selling Access to Unidentified Leading Technology Companies in Israel Containing 3TB of Data
December 18th, 2024 (6 months ago)
|
|
|
Description: A Threat Actor is Allegedly Selling Windows Privilege Escalation Malware
December 18th, 2024 (6 months ago)
|
|
|
Description: miyako is Allegedly Selling Firewall Root Access of Germany City Government
December 18th, 2024 (6 months ago)
|
|
|
Description: Impact
Impacted are the only ones who use hd_wallet::Slip10Like or slip_10 derivation method instantiated with curves other than secp256k1 and secp256r1.
hd_wallet crate used to provide Slip10Like derivation method, which is also provided in slip-10 crate as a default derivation method. It's based on slip10 method that searches for a valid child key in an infinite loop until it's found.
Theoretically, this could be exploited by an attacker by finding a derivation path that would force someone to execute a lot of iterations of this loop to find a valid child key. This attack, however, requires the probability of getting an invalid scalar from random 32 bytes to be high. Slip10 is protected from this attack as it's only defined on secp256k1 and secp256r1 curves, for which such probability is very low:
For secp256k1, probability is $< 2^{-127}$. This means that a loop with 2 or more iterations is vanishingly impossible.
For secp256r1, probability is $< 2^{-32}$. This means that a loop with 5 or more iterations is vanishingly impossible.
While standard curves are safe to use with slip10, we used to allow slip10-like derivation which can be instantiated with any curve. For instance, one could instantiate it with ed25519 or stark curves, for which probability of getting invalid scalar from random 32 bytes is >90%, so theoretically, attacker could try to DoS such construction.
Patches
hd_wallet v0.6.0 has been patched by removing slip10-like derivation from public API.
If y...
December 18th, 2024 (6 months ago)
|