Coinbase Fixes Vulnerable API that Let You Sell Bitcoin You Didn’t Own | allinfosecnews.com

Feb. 20, 2022, 1:09 p.m. | Aner Morag

Security Boulevard securityboulevard.com

On Friday, February 11th 2022, a security researcher (Tree_of_Alpha on Twitter) discovered a flaw in Coinbase’s new Advanced Trading feature that allowed users to sell cryptocurrencies without owning them. According to the Coinbase blog, the flaw was resolved in a matter of hours without any malicious exploitation. And Coinbase paid Tree of Alpha the largest-ever bug bounty of $250,000.

The post Coinbase Fixes Vulnerable API that Let You Sell Bitcoin You Didn’t Own appeared first on Security Boulevard …

api api security api security posture api testing bitcoin coinbase fixes own vulnerable

More from securityboulevard.com / Security Boulevard

From DAST to dawn: why fuzzing is better solution | Code Intelligence 54 minutes ago | securityboulevard.com

api security application applications application security +27

Scaling Application Security With Application Security Posture Management (ASPM) 3 hours ago | securityboulevard.com

application application security application security posture management aspm +13

Crunching Some Numbers on PHP Support 7 hours ago | securityboulevard.com

application breaking can continue +16

Google Chrome DBSC Protection Tested Against Cookie Attacks 8 hours ago | securityboulevard.com

attacks authentication browser browser security +31

What is SOC 2 Compliance Audit? 10 hours ago | securityboulevard.com

audit audits businesses client +27

The Dark Side of EDR: Repurpose EDR as an Offensive Tool 11 hours ago | securityboulevard.com

capabilities code dark edr +13

NTA Email Alert Configuration 13 hours ago | securityboulevard.com

addresses alert basic configuration +8

The Ultimate Guide to SBIR and STTR Program Budgeting 15 hours ago | securityboulevard.com

budgeting budgets can corporations +14

Vulnerabilities for AI and ML Applications are Skyrocketing 18 hours ago | securityboulevard.com

ai ai and ml in security ai development applications +34

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Security Engineer, Incident Response

@ Databricks | Remote - Netherlands

View on infosec-jobs.com

Associate Vulnerability Engineer - Mid-Atlantic region (Part-Time)

@ GuidePoint Security LLC | Remote in VA, MD, PA, NC, DE, NJ, or DC

View on infosec-jobs.com

Data Security Architect

@ Accenture Federal Services | Washington, DC

View on infosec-jobs.com

Identity Security Administrator

@ SailPoint | Pune, India

View on infosec-jobs.com