From 001af09770a32e65517e6d898a7dde2f64596514 Mon Sep 17 00:00:00 2001 From: Christian Reitter Date: Tue, 13 Feb 2024 15:27:14 +0100 Subject: [PATCH] Improve front page and navigation header links --- _includes/footer.html | 2 +- _includes/header.html | 12 +++++++----- index.md | 25 +++++++++++++++---------- lookup.md | 1 + 4 files changed, 24 insertions(+), 16 deletions(-) diff --git a/_includes/footer.html b/_includes/footer.html index 28a7777..f4873a5 100644 --- a/_includes/footer.html +++ b/_includes/footer.html @@ -1,3 +1,3 @@ \ No newline at end of file diff --git a/_includes/header.html b/_includes/header.html index f933443..72ca2c6 100644 --- a/_includes/header.html +++ b/_includes/header.html @@ -11,11 +11,13 @@ {%- for path in page_paths -%} {%- assign my_page = site.pages | where: "path", path | first -%} - {%- if my_page.title -%} -
  • - {{ my_page.title | escape }} -
    • - {%- endif -%} + {% unless my_page.exclude %} + {%- if my_page.title -%} +
  • + {{ my_page.title | escape }} +
    • + {%- endif -%} + {%- endunless -%} {%- endfor -%} diff --git a/index.md b/index.md index 0036de1..70d46f5 100644 --- a/index.md +++ b/index.md @@ -19,7 +19,7 @@ A practical explanation of how weak entropy can ruin your day - and your savings - We have reasons to believe some `Libbitcoin Explorer` versions before `3.0.0` also produce weak `bx seed` output in some system environments. - Think of this as securing your online bank account with a password manager that creates a long random password, but it often creates the same passwords for every user. Malicious people have figured this out and drained funds on any account they can find. -## How? +### How?
    @@ -41,30 +41,35 @@ A practical explanation of how weak entropy can ruin your day - and your savings - Why the silly "Milk Sad" name? Running `bx seed` on `3.x` versions with a system time of 0.0 always generates the following secret: > milk sad wage cup reward umbrella raven visa give list decorate bulb gold raise twenty fly manual stand float super gentle climb fold park -## When? +### When? The main theft occurred around 12 July 2023, although initial exploitation likely began at a smaller scale in May 2023. A separate but similar vulnerability in another wallet software was detected in November 2022 and actively exploited shortly after, which may be the prequel to this story. -## Who? +### Who? We did not identify who is behind the ongoing thefts from vulnerable wallets. -## Type +### Type [CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)](https://cwe.mitre.org/data/definitions/338.html) -## Vendor +### Vendor [Libbitcoin](https://github.com/libbitcoin) -## Further Reading +### Further Reading -See our [technical writeup](/disclosure.html) and [FAQ](/faq.html). +See our [technical writeup](/disclosure.html), [research updates](/updates.html) and [FAQ](/faq.html). -[CVE-2023-31290](https://nvd.nist.gov/vuln/detail/CVE-2023-31290) was a similar vulnerability in [Trust Wallet]( + +### Related Vulnerabilities + +Trust Wallet: +- [CVE-2023-31290](https://nvd.nist.gov/vuln/detail/CVE-2023-31290) - [vendor advisory]( https://community.trustwallet.com/t/browser-extension-wasm-vulnerability-postmortem/750787 -), see [Ledger Donjon's technical writeup](https://blog.ledger.com/Funds-of-every-wallet-created-with-the-Trust-Wallet-browser-extension-could-have-been-stolen/ -). +) and [Ledger Donjon's technical writeup](https://blog.ledger.com/Funds-of-every-wallet-created-with-the-Trust-Wallet-browser-extension-could-have-been-stolen/ +) +- [CVE-2024-23660](https://nvd.nist.gov/vuln/detail/CVE-2024-23660) - SECBIT Labs' [technical disclosure writeup](https://secbit.io/blog/en/2024/01/19/trust-wallets-fomo3d-summer-vuln/) ## Contact diff --git a/lookup.md b/lookup.md index 5d0cfc7..1002f56 100644 --- a/lookup.md +++ b/lookup.md @@ -2,6 +2,7 @@ title: /lookup layout: home permalink: /lookup.html +exclude: true --- # Ride Closed 🚧