Risky Business cover image

Risky Business

Risky Business #786 -- Oracle is lying

Apr 2, 2025
Tjaden Hess, a Principal Security Engineer at Trail of Bits specializing in cryptography and cryptocurrency exchange security, joins the discussion on recent cybersecurity events. He highlights the alarming breach at Oracle, casting a critical eye on their lack of transparency regarding the exposure of sensitive health data. Hess also emphasizes the essential practices for secure cryptocurrency exchanges, particularly the importance of cold wallets, and contrasts these with the vulnerabilities revealed in the Bybit incident. The conversation paints a vivid picture of the cybersecurity landscape's ongoing challenges.
55:14

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

  • Oracle faced significant security breaches impacting health data and cloud credentials, raising concerns about their incident management and communication strategies.
  • Experts stress the necessity for cryptocurrency exchanges like Bybit to enforce stringent cold wallet practices to mitigate unauthorized access risks.

Deep dives

Bybit's Cold Wallet Vulnerability

A recent incident involving Bybit cryptocurrency exchange revealed significant flaws in their security practices, particularly concerning their cold wallet procedures. It was discovered that Bybit's cold wallet, meant to be protected from online threats, was compromised due to a connection with an online wallet provider whose servers were hacked. Experts emphasized that cold wallets must remain entirely offline to prevent unauthorized access, advocating for secure data transfer methods, such as using QR codes or read-only CDs. This breach exemplifies how critical it is for exchanges to enforce robust separation and isolation of their digital assets.

Get the Snipd
podcast app

Unlock the knowledge in podcasts with the podcast player of the future.
App store bannerPlay store banner

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Save any
moment

Hear something you like? Tap your headphones to save it with AI-generated key takeaways

Share
& Export

Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode