HackDig : Dig high-quality web security articles

Researchers published PoC exploit code for actively exploited Windows elevation of privilege issue

Researchers published an exploit for an actively exploited Microsoft Windows vulnerability tracked as CVE-2023-29336. The Microsoft Windows vulnerability CVE-2023-29336 (CVSS score 7.8) is an elevation of privilege issue that resides in the Win32k component. Win32k.sys is a system driver file in the Windows operating system. The driver is responsible for
Publish At:2023-06-08 21:20 | Read:13651 | Comments:0 | Tags:Breaking News Hacking hacking news information security news

How to Install Apple Beta Software for macOS Sonoma, iOS 17, iPadOS 17, and watchOS 10

Beta software is pre-release software, designed for developers to test against their apps to ensure that everything runs smoothly. It is also used internally to check for bugs and compatibility. If you’re really into your Apple products, and like to be the first to try out what’s new, you may have signed up for Apple’s public beta release
Publish At:2023-06-08 17:31 | Read:28416 | Comments:0 | Tags:How To beta software iOS 17 iPadOS 17 macOS Sonoma watchOS 1

Top 10 New Features in macOS Sonoma

Apple has given a preview of this year’s Mac operating system, macOS Sonoma, which has plenty of cool new features, from Safari enhancements to new screensavers, from video conferencing to improved gameplay. Here are 10 of the best features in macOS Sonoma that you’ll be able to try out in the fall. 1. Desktop widgetsmacOS Ventura lets you conf
Publish At:2023-06-08 17:31 | Read:24233 | Comments:0 | Tags:Apple macOS Sonoma

Experts detail a new Kimsuky social engineering campaign

North Korea-linked APT Kimsuky has been linked to a social engineering campaign aimed at experts in North Korean affairs. SentinelLabs researchers uncovered a social engineering campaign by the North Korea-linked APT group Kimsuky that is targeting experts in North Korean affairs. The attacks are part of a broader campaign recently detailed in a joint adv
Publish At:2023-06-08 15:25 | Read:23614 | Comments:0 | Tags:APT Breaking News Cyber warfare Intelligence Malware Hacking

German recruiter Pflegia leaks sensitive job seeker info

Pflegia, a German healthcare recruitment platform, has exposed hundreds of thousands of files with sensitive user data such as names, home addresses, and emails. Scouting for a new career can be stressful. Now imagine that, instead of a new role, you find that your resume data was exposed. That’s what job seekers using Pflegia’s services are dealing with.
Publish At:2023-06-08 11:27 | Read:26976 | Comments:0 | Tags:Breaking News Security data leak Hacking hacking news inform

Cisco fixes privilege escalation bug in Cisco Secure Client

Cisco addressed a high-severity flaw in Cisco Secure Client that can allow attackers to escalate privileges to the SYSTEM account. Cisco has fixed a high-severity vulnerability, tracked as CVE-2023-20178 (CVSS Score 7.8), found in Cisco Secure Client (formerly AnyConnect Secure Mobility Client) that can be exploited by low-privileged, authenticated, local
Publish At:2023-06-08 07:29 | Read:29769 | Comments:0 | Tags:Breaking News Security CISCO Hacking hacking news informatio

WWDC: New Macs, macOS Sonoma, iOS / iPadOS 17, and Vision Pro – Intego Mac Podcast Episode 295

We look at what Apple presented at this year’s worldwide developers conference. We discussed the key features in macOS Sonoma, iOS 17, and iPadOS 17, and we talk a bit about Apple’s new Vision Pro AR/VR headset. We also discuss some recent Chrome vulnerabilities.There’s another actively exploited vulnerability in Chromium-based browsers34 more ma
Publish At:2023-06-08 04:50 | Read:23442 | Comments:0 | Tags:Intego Mac Security Podcast iOS 17 iPadOS 17 macOS Sonoma Vi

Barracuda ESG appliances impacted by CVE-2023-2868 must be immediately replaced

Barracuda warns customers to immediately replace Email Security Gateway (ESG) appliances impacted by the flaw CVE-2023-2868. At the end of May, the network security solutions provider Barracuda warned customers that some of its Email Security Gateway (ESG) appliances were recently breached by threat actors exploiting a now-patched zero-day vulnerability.
Publish At:2023-06-08 03:31 | Read:39711 | Comments:0 | Tags:Breaking News Hacking Security Barracuda hacking news inform

Microsoft illegally collected and retained children's data, says FTC

Microsoft is counting the cost of privacy violations, with $20m in fines related to illegal data collection from children’s Xbox accounts. The Xbox manufacturer has reached a settlement with the Federal Trade Commision (FTC), a result which promises to have other console developers looking closely at their privacy policies. The FTC’s release
Publish At:2023-06-07 22:03 | Read:41033 | Comments:0 | Tags:Personal Microsoft Xbox privacy children COPPA FTC fine sett

Facebook clickbait leads to money scam for users

Online criminals are notorious for lurking on social media sites and tricking users into visiting malicious links. We recently observed a scheme where Facebook users are clicking on posts that lead to external websites set up for the sole purpose of scamming them out of hundreds of dollars via fake browser alerts. What is unique
Publish At:2023-06-07 22:03 | Read:30020 | Comments:0 | Tags:Threat Intelligence facebook posts google cloud run

LPE and RCE in RenderDoc: CVE-2023-33865, CVE-2023-33864, CVE-2023-33863

Qualys Security AdvisoryLPE and RCE in RenderDoc: CVE-2023-33865, CVE-2023-33864, CVE-2023-33863========================================================================Contents========================================================================SummaryCVE-2023-33865, a symlink vulnerability in /tmp/RenderDoc- Analysis- ExploitationCVE-2023-33864, an integ
Publish At:2023-06-07 19:26 | Read:28787 | Comments:0 | Tags:No Tag

Defense in depth -- the Microsoft way (part 85): escalation of privilege plus remote code execution with HVCISCAN.exe

Hi @ll,about a month ago Microsoft published HVCIScan-{amd,arm}64.exe, a"Tool to check devices for compatibility with memory integrity (HVCI)"The "Install instructions" on the download page<https://www.microsoft.com/en-us/download/105217> tell:| Download the hvciscan.exe for your system architecture (AMD64 or ARM64).| From an elevat
Publish At:2023-06-07 19:26 | Read:41258 | Comments:0 | Tags: privilege

VMware fixes a command injection flaw CVE-2023-20887 in VMware Aria Operations for Networks

Virtualization giant VMware addressed critical and high-severity vulnerabilities in VMware Aria Operations for Networks. Virtualization technology giant VMware released security patches to address three critical and high-severity vulnerabilities, tracked as CVE-2023-20887, CVE-2023-20888, CVE-2023-20889, in VMware Aria Operations for Networks. VMware A
Publish At:2023-06-07 19:23 | Read:35993 | Comments:0 | Tags:Breaking News Security CVE-2023-20887 Hacking hacking news i

5 Cybersecurity Mistakes Startups Make & How to Avoid Them

Starting a business is like embarking on a thrilling adventure. It’s a journey filled with excitement, challenges, and endless possibilities.  Just like raising a child, a startup requires nurturing, dedication, and careful attention to every aspect of its growth. As a startup owner, you invest your heart and soul into building a strong and suc
Publish At:2023-06-07 16:42 | Read:55059 | Comments:0 | Tags:Cybersecurity cybersecurity mistakes cybersecurity security

Clop ransomware gang claims the hack of hundreds of victims exploiting MOVEit Transfer bug

Clop ransomware group claims to have hacked hundreds of companies globally by exploiting MOVEit Transfer vulnerability. The Clop ransomware group may have compromised hundreds of companies worldwide by exploiting a vulnerability in MOVEit Transfer software. MOVEit Transfer is a managed file transfer that is used by enterprises to securely transfer fi
Publish At:2023-06-07 15:25 | Read:41443 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware clop ransomware Cy


Share high-quality web security related articles with you:)
Tell me why you support me <3

Tag Cloud

Friend Links