HackDig : Dig high-quality web security articles for hackers

How $100M in Jobless Claims Went to Inmates

The U.S. Labor Department’s inspector general said this week that roughly $100 million in fraudulent unemployment insurance claims were paid in 2020 to criminals who are already in jail. That’s a tiny share of the estimated tens of billions of dollars in jobless benefits states have given to identity thieves in the past year. To help reverse that
Publish At:2021-02-25 18:50 | Read:83 | Comments:0 | Tags:A Little Sunshine Ne'er-Do-Well News Web Fraud 2.0 Blake Hal

Microsoft removes 3D Objects, Windows 10's most useless folder, from File Explorer

Microsoft is no longer treating possibly the most unused folder, 3D Objects, as a special folder in File Explorer.With the release of Windows 10 1703, otherwise known as the Creators Update, Microsoft included a new application called '3D Viewer' that allowed you to view and manipulate 3D models.Windows 10 3D ViewerAs a place to store all those 3D objec
Publish At:2021-02-25 18:43 | Read:86 | Comments:0 | Tags:Microsoft

XBOX Live outage prevents players from logging in

Xbox Live outage is suffering a worldwide outage that prevents users from logging into the service and accessing games.The outage started at approximately 3 PM EST and affects both Xbox Live and apps that rely on it, such as Windows 10's Xbox Game Bar and Xbox app.Windows 10 Xbox Game Bar affected by the outageMicrosoft is aware of the outage and has posted
Publish At:2021-02-25 18:43 | Read:65 | Comments:0 | Tags:Microsoft Gaming

Cisco fixes three critical bugs in ACI Multi-Site Orchestrator, Application Services Engine, and NX-OS

Cisco addressed over a dozen vulnerabilities in its products, including three critical bugs in ACI Multi-Site Orchestrator, Application Services Engine, and NX-OS software. Cisco released security updates to address over a dozen vulnerabilities affecting multiple products, including three critical flaws impacting its ACI Multi-Site Orchestrator, Applicati
Publish At:2021-02-25 18:24 | Read:74 | Comments:0 | Tags:Breaking News Security CISCO Hacking information security ne

ASUS Remote Link 1.1.2.13 Remote Code Execution

# Exploit: ASUS Remote Link 1.1.2.13 - Remote Code Execution# Date: 24-02-2021# Exploit Author: H4rk3nz0# Vendor Homepage: http://asus.com/# Software Link: http://remotelink.asus.com/# Version: 1.1.2.13# Tested on: Windows 10 Enterprise Build 17763# CVE: N/A#!/usr/bin/pythonimport socketfrom time import sleepimport sysport = 5665target = socket.socket(socket
Publish At:2021-02-25 17:27 | Read:132 | Comments:0 | Tags:No Tag

SpotAuditor 5.3.5 Denial Of Service

# Exploit Title: SpotAuditor 5.3.5 - 'multiple' Denial Of Service (PoC)# Exploit Author : Sinem Şahin# Exploit Date: 2021-02-10# Vendor Homepage : http://www.nsauditor.com/# Link Software : http://spotauditor.nsauditor.com/downloads/spotauditor_setup.exe# Tested on: Windows 7 x64# Version: 5.3.5# Steps: 1- Run the python script. (exploit.py) 2- O
Publish At:2021-02-25 17:27 | Read:110 | Comments:0 | Tags:No Tag

SLMail 5.1.0.4420 Remote Code Execution

# -*- coding: utf-8 -*-import socketfrom time import sleepfrom os import systemsystem("clear")print 'Shell-code-foi-informada?rn'print '[1] sim'print '[2] naon'quest = int(input('>>> '))def main(): system("clear") #============================ #--ensira-sua-shell-code-aqui buf =
Publish At:2021-02-25 17:27 | Read:102 | Comments:0 | Tags:No Tag

Unified Remote 3.9.0.2463 Remote Code Execution

# Exploit Title: Unified Remote 3.9.0.2463 - Remote Code Execution# Author: H4rk3nz0# Vendor Homepage: https://www.unifiedremote.com/# Software Link: https://www.unifiedremote.com/download# Tested on: Windows 10, 10.0.19042 Build 19042#!/usr/bin/pythonimport socketimport sysimport osfrom time import sleeptarget = socket.socket(socket.AF_INET, socket.SOCK_STR
Publish At:2021-02-25 17:27 | Read:93 | Comments:0 | Tags:No Tag

The Race to Find Profits in Securing Email

NEWS ANALYSIS --  More than 17 years after Bill Gates’s famous declaration that the spam problem was close to being solved for good, the corporate inbox continues to be a lucrative target for malicious hackers.  Now, a wave of well-funded email security startups are emerging to take another stab at securing the entry point for almost all major cybe
Publish At:2021-02-25 17:05 | Read:89 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Application Security E

5 Key Steps Schools Can Take to Defend Against Cyber Threats

Educational institutions have become prime targets, but there are things they can do to stay safer.The education sector has benefited significantly from digital transformation, enabling learning to take place anytime, anywhere. The advent of these remote learning capabilities, however, has also eroded the security perimeter, introducing a host of cyber-hygie
Publish At:2021-02-25 17:02 | Read:87 | Comments:0 | Tags: cyber

Thousands of VMware Servers Exposed to Critical RCE Bug

Security experts report scanning activity targeting vulnerable vCenter servers after a researcher published proof-of-concept code.More than 6,700 VMware vCenter Server systems are publicly accessible and vulnerable to a newly reported critical remote code execution (RCE) flaw that attackers are looking to exploit. Related Content:3 Security Flaws in Sma
Publish At:2021-02-25 17:02 | Read:59 | Comments:0 | Tags:No Tag

Ransomware, Phishing Will Remain Primary Risks in 2021

Attackers have doubled down on ransomware and phishing -- with some tweaks -- while deepfakes and disinformation will become more major threats in the future, according to a trio of threat reports.Cybercriminals and nation-states have doubled down and improved on popular attacks, targeting companies with double-extortion ransomware attacks, adopting various
Publish At:2021-02-25 17:02 | Read:96 | Comments:0 | Tags: ransomware

Scammers, profiteers, and shady sites? It must be tax season

US tax season is upon us, a time of the year when a special kind of vermin comes crawling out of the woodwork: tax scammers! Not that their goals are any different from any other scammers. They want your hard-earned dollars in their pockets. Most of the tax-related attacks follow a few tried and true methods: A phishing email or scam call from someone pur
Publish At:2021-02-25 16:54 | Read:83 | Comments:0 | Tags:Please don't buy this Web threats affiliates customer review

SOC Health Check: Prescribing XDR for Enterprises 

It is near-certain the need for security across the enterprise will never cease – only increase if year-over-year trends are any indication. We constantly see headlines with repetitive buzzwords and phrases calling attention to the complexity of today’s security operations center (SOC) with calls to action to reimagine and modernize the SOC. We’re no differe
Publish At:2021-02-25 16:53 | Read:90 | Comments:0 | Tags:Executive Perspectives Security operations xdr

TrustedSec Approved as a CMMC Registered Provider Organization!

TrustedSec has been approved by the Cybersecurity Maturity Model Certification (CMMC) Accreditation Body (https://www.cmmcab.org/) as a Registered Provider Organization. In line with our mission of increasing the security posture of organizations around the world, TrustedSec is pleased to be a part of the program aimed at improving and ensuring the securi
Publish At:2021-02-25 16:06 | Read:70 | Comments:0 | Tags:CMMC Readiness Review Program Assessment & Compliance

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud

Friend Links