HackDig : Dig high-quality web security articles for hacker

Major Online Criminal Marketplaces AlphaBay and Hansa Shut Down

International law enforcement operations result in AlphaBay, the largest online marketplace for selling illegal goods from malware to herion, and Hansa, going dark.In a one-two punch, international law enforcement authorities shut down AlphaBay and Hansa Market, which both sold illegal goods online including stolen identification documents, malware, counterf
Publish At:2017-07-21 09:41 | Read:80 | Comments:0 | Tags:No Tag

US Banks Targeted with Trickbot Trojan

Necurs botnet spreads Trickbot malware to US financial institutions, while new Emotet banking Trojan attacks discovered - signalling increasingly complex attacks on the industry.The Necurs botnet has begun delivering the Trickbot banking Trojan to financial institutions in the United States, a sign of increasingly larger and more complex attacks on the indus
Publish At:2017-07-21 09:40 | Read:104 | Comments:0 | Tags:No Tag

Healthcare Industry Lacks Awareness of IoT Threat, Survey Says

Three-quarters of IT decision makers report they are "confident" or "very confident" that portable and connected medical devices are secure on their networks.Healthcare networks are teeming with IoT devices from glucometers to infusion pumps, but a study found that the majority of IT decision makers may be operating with a false sense of security regarding t
Publish At:2017-07-21 09:40 | Read:80 | Comments:0 | Tags:No Tag

#HackTor: Tor Opens up its Bug Bounty Program

The popular identity-cloaking service has expanded its private, invite-only vulnerability discovery program to an open one via HackerOne.The Tor Project has teamed up with HackerOne to invite hackers to find vulnerabilities in its online anonymization platform used by 1.5 million citizens, journalists, privacy advocates, and dissidents around the globe.The n
Publish At:2017-07-21 09:40 | Read:50 | Comments:0 | Tags:No Tag

Using DevOps to Move Faster than Attackers

Black Hat USA talk will discuss the practicalities of adjusting appsec tooling and practices in the age of DevOps.DevOps could be security's biggest boon for quickly mitigating the kinds of vulnerabilities that will be highlighted next week at Black Hat USA in Las Vegas. And in a departure from the show's typical doom-and-gloom demos of scary attacks and exp
Publish At:2017-07-21 09:40 | Read:93 | Comments:0 | Tags:No Tag

Internet for everyone with Facebook’s drone Aquila

Last month Facebook announced the second successful test of Aquila – a giant sun powered drone. Even though the technology is still in the makes and has a long way to go, Mark Zuckerberg has been very serious about connecting the world– Facebook recently surpassed the 2 billion users mark.  There is an opportunity for Facebook to continue its path of success
Publish At:2017-07-21 07:50 | Read:122 | Comments:0 | Tags:Technology drone Facebook Internet Security

After AlphaBay’s Demise, Customers Flocked to Dark Market Run by Dutch Police

Earlier this month, news broke that authorities had seized the Dark Web marketplace AlphaBay, an online black market that peddled everything from heroin to stolen identity and credit card data. But it wasn’t until today, when the U.S. Justice Department held a press conference to detail the AlphaBay takedown that the other shoe dropped: Police in The N
Publish At:2017-07-21 06:30 | Read:100 | Comments:0 | Tags:Other Alexandre Cazes AlphaBay Andrew McCabe Bitcoin dark ma

Exclusive: Dutch Cops on AlphaBay ‘Refugees’

Following today’s breaking news about U.S. and international authorities taking down the competing Dark Web drug bazaars AlphaBay and Hansa Market, KrebsOnSecurity caught up with the Dutch investigators who took over Hansa on June 20, 2017. When U.S. authorities shuttered AlphaBay on July 5, police in The Netherlands saw a massive influx of AlphaBay re
Publish At:2017-07-21 06:30 | Read:85 | Comments:0 | Tags:Other AlphaBay takedown Europol fbi Hansa Market Petra Haand

Social-Engineer Toolkit (SET) v7.7 “Blackout” Released

TrustedSec is proud to announce a major release of the Social-Engineer Toolkit (SET) v7.7. This version incorporates support for hostnames in the HTA attack vector, and a redesigned Java Applet attack vector. Java is still widely used in corporations and with a valid code signing certificate can be one of the easiest ways to get a shell in an organization. I
Publish At:2017-07-21 05:00 | Read:81 | Comments:0 | Tags:Articles

Zimperium zLabs iOS Security Advisories

As part of zLab’s platform research team, I’ve tried to investigate an area of the kernel that wasn’t thoroughly researched before.  After digging into some of Apple’s closed-source kernel modules, one code chunk led to another and I’ve noticed a little-known module, which I’ve never seen before, called AppleAVE. AppleAVE 
Publish At:2017-07-21 00:15 | Read:82 | Comments:0 | Tags:iOS Threat Research AppleAVE vulnerability IOS

APPLE-SA-2017-07-19-1 iOS 10.3.3

-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512APPLE-SA-2017-07-19-1 iOS 10.3.3iOS 10.3.3 is now available and addresses the following:ContactsAvailable for: iPhone 5 and later, iPad 4th generation and later,and iPod touch 6th generationImpact: A remote attacker may be able to cause unexpected applicationtermination or arbitrary code executionDescription: A
Publish At:2017-07-20 22:22 | Read:101 | Comments:0 | Tags: IOS

APPLE-SA-2017-07-19-2 macOS 10.12.6

-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512APPLE-SA-2017-07-19-2 macOS 10.12.6macOS 10.12.6 is now available and addresses the following:afclipAvailable for: macOS Sierra 10.12.5Impact: Processing a maliciously crafted audio file may lead toarbitrary code executionDescription: A memory corruption issue was addressed through improvedinput validation.CVE-2
Publish At:2017-07-20 22:22 | Read:82 | Comments:0 | Tags:No Tag

APPLE-SA-2017-07-19-3 watchOS 3.2.2

-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512APPLE-SA-2017-07-19-3 watchOS 3.2.2watchOS 3.2.2 is now available and addresses the following:ContactsAvailable for: All Apple Watch modelsImpact: A remote attacker may be able to cause unexpected applicationtermination or arbitrary code executionDescription: A buffer overflow issue was addressed through improve
Publish At:2017-07-20 22:22 | Read:70 | Comments:0 | Tags:No Tag

APPLE-SA-2017-07-19-4 tvOS 10.2.2

-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512APPLE-SA-2017-07-19-4 tvOS 10.2.2tvOS 10.2.2 is now available and addresses the following:ContactsAvailable for: Apple TV (4th generation)Impact: A remote attacker may be able to cause unexpected applicationtermination or arbitrary code executionDescription: A buffer overflow issue was addressed through improved
Publish At:2017-07-20 22:21 | Read:83 | Comments:0 | Tags:No Tag

APPLE-SA-2017-07-19-5 Safari 10.1.2

-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512APPLE-SA-2017-07-19-5 Safari 10.1.2Safari 10.1.2 is now available and addresses the following:SafariAvailable for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6,and macOS Sierra 10.12.6Impact: Processing maliciously crafted web content may lead to aninfinite number of print dialogsDescription: An issue existed
Publish At:2017-07-20 22:21 | Read:75 | Comments:0 | Tags:No Tag

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud