The article discusses the ethical dilemma faced by technically skilled professionals who encounter a bug, particularly in the cryptocurrency space. It uses the recent friction between crypto firm Kraken and security company CertiK over a significant bug found in Kraken’s platform to discuss issues around bug bounties. It also studies the legal dilemmas and drawbacks of bug bounties, noting how this system in reality can deter ethical reporting and prompt exploitation of such vulnerabilities.
Stealthy Malware Has Infected Thousands of Linux Systems for Years
Online discussions have highlighted a new malware called Perfctl, which, after exploiting server vulnerabilities or misconfigurations, downloads a payload that moves to the /tmp directory