all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Coinbase Fixes Vulnerable API that Let You Sell Bitcoin You Didn’t Own

Add to bookmarks
Feb. 20, 2022, 1:09 p.m. | Aner Morag

Security Boulevard securityboulevard.com




On Friday, February 11th 2022, a security researcher (Tree_of_Alpha on Twitter) discovered a flaw in Coinbase’s new Advanced Trading feature that allowed users to sell cryptocurrencies without owning them. According to the Coinbase blog, the flaw was resolved in a matter of hours without any malicious exploitation. And Coinbase paid Tree of Alpha the largest-ever bug bounty of $250,000.


The post Coinbase Fixes Vulnerable API that Let You Sell Bitcoin You Didn’t Own appeared first on Security Boulevard …

api api security api security posture api testing bitcoin coinbase fixes own vulnerable

Visit resource

More from securityboulevard.com / Security Boulevard

USENIX Security ’23 – Intender: Fuzzing Intent-Based Networking with Intent-State Transition Guidance 17 hours ago | securityboulevard.com
access authors channel conference +20
What is an IS (RBI) Audit? 1 day, 1 hour ago | securityboulevard.com
address audit banking banks +27
Understanding Credential Phishing 1 day, 9 hours ago | securityboulevard.com
attackers breach breaches ceo +23
Adaptive DDoS Defense’s Value in the Security Ecosystem 1 day, 9 hours ago | securityboulevard.com
adaptive ddos analytics & intelligence and response attack +24
Understanding Business Email Compromise (BEC) 1 day, 9 hours ago | securityboulevard.com
attackers attacks bec business +17
Risk vs. Threat vs. Vulnerability: What is the difference? 1 day, 11 hours ago | securityboulevard.com
ciso suite click cyber lingo cyber security risks +11
Compromising ByteDance’s Rspack using GitHub Actions Vulnerabilities 1 day, 12 hours ago | securityboulevard.com
actions attacker bytedance bytedance rspack +16
Impart Security: Leading the Charge in API Security with SOC 2 Type 2 Certification | … 1 day, 13 hours ago | securityboulevard.com
api api security certification charge +7
Senator Calls for FTC, SEC Probe Into UnitedHealth’s ‘Negligence’ in Breach 1 day, 13 hours ago | securityboulevard.com
attack board breach ceo +30

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Security Compliance Strategist

@ Grab | Petaling Jaya, Malaysia
View on infosec-jobs.com

Cloud Security Architect, Lead

@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)
View on infosec-jobs.com