HackDig : Dig high-quality web security articles for hackers

Former Yahoo! employee who accessed 6K accounts avoids jail

A former Yahoo! employee who hacked into the accounts of thousands of users was sentenced to five years of probation. In September the former Yahoo software engineer Reyes Daniel Ruiz has admitted in court to hacking into 6,000 Yahoo! accounts back in 2018. Last week Ruis (35), of Tracy, California, was sentenced to five years of probation after he adm
Publish At:2020-07-06 16:43 | Read:4 | Comments:0 | Tags:Breaking News Cyber Crime Cybercrime Yahoo!

Former Yahoo! Employee Avoids Jail After Hacking User Accounts

A former Yahoo! employee who admitted to hacking into the accounts of thousands of users was sentenced last week to five years of probation.The man, Reyes Daniel Ruiz, 35, of Tracy, California, pleaded guilty in September 2019 to hacking roughly 6,000 Yahoo! accounts, looking for sexual photos and videos.To access the victim accounts, he used cracked user pa
Publish At:2020-07-06 15:24 | Read:23 | Comments:0 | Tags:NEWS & INDUSTRY Cybercrime

Try2Cry Ransomware Spreads via USB Drives

G Data security researchers have identified a new ransomware family that attempts to spread using infected USB drives.Dubbed Try2Cry, the new piece of ransomware borrows functionality from Spora, which first emerged three years ago. Written in .NET, Try2Cry features a USB worm component similar to that previously observed in the njRAT remote access Trojan.Th
Publish At:2020-07-06 15:24 | Read:39 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Virus & Malware

Android Adware Tied to Undeletable Malware

Adware on inexpensive Android smartphone can carry additional malware and be undeletable.Researchers have found more than a dozen critical files associated with preinstalled adware on Android devices that carry loaders, Trojans, and other malware on top of their annoying "legitimate" payload.Igor Golovin and Anton Kivva, researchers at Kaspersky, began looki
Publish At:2020-07-06 15:20 | Read:75 | Comments:0 | Tags:No Tag

Credit card skimmer targets ASP.NET sites

Cybercriminals typically focus on targets that can get them the highest return with the least amount of effort. This is often determined by their ability to scale attacks, and therefore on how prevalent a vulnerability or target system is. Enter: the credit card skimmer. In the world of digital skimming, we’ve seen the most activity on e-commerce co
Publish At:2020-07-06 15:00 | Read:67 | Comments:0 | Tags:Threat analysis ASP.net credit card credit card skimmer cred

Volume and Size of Fines for Data Breaches Expected to Rise

The number and value of fines for data breaches is predicted to increase between now and 2025, according to a new study by DSA Connect. Interviews with 1000 workers between 24 and 27 April 2020 revealed that 37% think there will be an increase and 6% believe the rise will be dramatic. Just 3% expect a reduction.In regard to fines linked to the inadequate del
Publish At:2020-07-06 12:50 | Read:106 | Comments:0 | Tags:No Tag

Mobile Users Increasingly Targeted by Undeletable Malicious Files

System partition infections as a method of installing adware are on the rise in mobile devices, according to new research from Kaspersky. It found that 14.8% of Kaspersky users who were targeted by malware or adware in 2019 had this type of infection, which means the malicious files cannot be deleted.A system partition infection is particularly dangerous as
Publish At:2020-07-06 12:50 | Read:94 | Comments:0 | Tags:No Tag

Cybersecurity consultant certifications — Explore your options

Introduction: IT consultants for cybersecurity mattersCybersecurity consultants are the go-to professionals to devise best ways to protect an organization’s critical assets. Their role entails helping clients lower their risk by accurately interpreting and analyzing security risks to implement best practices that can increase protection from cyber thre
Publish At:2020-07-06 12:34 | Read:72 | Comments:0 | Tags:General Security

djinn 1: CTF walkthrough, part 1

IntroductionIn this article, we will solve a Capture the Flag (CTF) challenge that was posted on the VulnHub website by an author named “0xmzfr.” As per the description given by the author, this is an intermediate-level CTF. The target of this CTF is to capture two flags, which are present in user.txt and root.txt respectively.You can check my previous
Publish At:2020-07-06 12:34 | Read:42 | Comments:0 | Tags:Capture the Flag

4 tips for phishing field employees [Updated 2020]

Phishing is easy. Let’s just get that out of the way. It’s easy for an attacker, and, if you have the right tools (such as InfoSec Institute’s PhishSim), it is easy for a cybersecurity professional who wants to test the company employees using simulated phishing campaigns. With an average of 90 messages being delivered to a business email address per d
Publish At:2020-07-06 12:34 | Read:46 | Comments:0 | Tags:Phishing phishing

Nigerian Man Charged With Cyber Fraud Against US Companies

A Nigerian national appeared in federal court in Chicago Friday accused of orchestrating an international cyber fraud scheme that federal prosecutors say defrauded U.S. businesses in six states out of tens of millions of dollars.Olalekan Jacob Ponle, 29, originally of Lagos, Nigeria, was arrested last month in the United Arab Emirates, where he was living, a
Publish At:2020-07-06 11:32 | Read:81 | Comments:0 | Tags:NEWS & INDUSTRY Fraud & Identity Theft Cybercrime

Magecart Attacks on Claire's and Other U.S. Stores Linked to North Korea

Hackers linked to the North Korean government appear to be behind the Magecart attacks on fashion retailer Claire’s and other online stores, Netherlands-based e-commerce security company Sansec reported on Monday.Threat actors linked to North Korea have been known to launch — in addition to espionage and destructive campaigns — financially-motivated attacks,
Publish At:2020-07-06 11:32 | Read:79 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Fraud & Identity

NSA Publishes Recommendations on Securing IPsec VPNs

The National Security Agency (NSA) has published a series of recommendations on how to properly configure IP Security (IPsec) Virtual Private Networks (VPNs).Used within organizations of all sizes for remote connection to assets and for telework, VPNs can deliver the expected level of security if strong cryptography is employed and if admins perform regular
Publish At:2020-07-06 11:32 | Read:73 | Comments:0 | Tags:NEWS & INDUSTRY Identity & Access Risk Management Se

How to Assess More Sophisticated IoT Threats

Securing the Internet of Things requires diligence in secure development and hardware design throughout the product life cycle, as well as resilience testing and system component analysis. As devices and technologies connecting us to the world evolve, cybercriminals are evolving their methods to attack and compromise critical systems across the Internet of T
Publish At:2020-07-06 11:29 | Read:99 | Comments:0 | Tags:No Tag

ThiefQuest Ransomware for the Mac

There's a new ransomware for the Mac called ThiefQuest or EvilQuest. It's hard to get infected: For your Mac to become infected, you would need to torrent a compromised installer and then dismiss a series of warnings from Apple in order to run it. It's a good reminder to get your software from trustworthy sources, like developers whose code is "signed" by A
Publish At:2020-07-06 10:53 | Read:80 | Comments:0 | Tags:No Tag

Announce

Share high-quality web security related articles with you:)

Tools

Friend Links