HackDig : Dig high-quality web security articles for hackers

The Anatomy of Secure Remote Working- SecureLayer7

The pandemic of COVID-19 has changed the every day propensities for many individuals, and working schedules are no exception. With a large number of people abruptly changing to work from home, we’re seeing a tremorous move in how individuals work and organizations focusing on secure remote working. The level of telecommuters or remote workers has sw
Publish At:2020-08-08 13:29 | Read:35 | Comments:0 | Tags:Knowledge-base Security Advisory email security secure remot

FBI warns of Iran-linked hackers attempting to exploit F5 BIG-IP flaw

According to the FBI, Iranian hackers are actively attempting to exploit an unauthenticated RCE flaw, tracked as CVE-2020-5902, in F5 Big-IP ADC devices. The FBI is warning of Iranian hackers actively attempting to exploit an unauthenticated remote code execution flaw (CVE-2020-5902) affecting F5 Big-IP application delivery controller (ADC) devices. Ea
Publish At:2020-08-08 12:19 | Read:114 | Comments:0 | Tags:APT Breaking News Hacking BIG-IP F5 Networks BIG-IP exploit

ManageEngine ADSelfService Plus – Unauthenticated Remote Code Execution Vulnerability

Hello,Please find the below vulnerability details,-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------# Exploit Title: ManageEngine ADSelfService Plus – Unauthenticated RemoteCode Execution Vulnerability# Date: 08/08/2020# Exploit Author
Publish At:2020-08-08 04:38 | Read:48 | Comments:0 | Tags: Vulnerability

Qualcomm and MediaTek Wi-Fi chips impacted by Kr00k-Like attacks

Wi-Fi chips manufactured by Qualcomm and MediaTek are impacted by vulnerabilities similar to the Kr00k issue disclosed early this year. Earlier this year, experts from ESET disclosed the Kr00k, a new high-severity hardware vulnerability, that affects Wi-Fi chips manufactured by Broadcom and Cypress. The Kr00k vulnerability, tracked as CVE-2019-15126,
Publish At:2020-08-08 04:35 | Read:83 | Comments:0 | Tags:Breaking News Hacking Mobile Kr00k Wi-Fi

Water Nue Phishing Campaign Targets C-Suite’s Office 365 Accounts

By Marshall Chen, Loseway Lu, Yorkbing Yap, and Fyodor Yarochkin (Trend Micro Research) A series of ongoing business email compromise (BEC) campaigns that uses spear-phishing schemes on Office 365 accounts has been seen targeting business executives of over 1,000 companies across the world since March 2020. The recent campaigns target senior positions in the
Publish At:2020-08-07 22:19 | Read:108 | Comments:0 | Tags:Cloud Targeted Attacks business email compromise credential

Reddit massive hack: hackers defaced channels with pro-Trump messages

Reddit suffered a massive hack, threat actors compromised tens of Reddit channels and defaced them showing messages in support of Donald Trump’s campaign. Reddit suffered a massive hack, threat actors defaced tens of channel to display messages in support of Donald Trump’s reelection campaign. At the time of writing, the massive hack is sti
Publish At:2020-08-07 20:50 | Read:134 | Comments:0 | Tags:Breaking News Hacking Social Networks hacking news informati

Friday Squid Blogging: New SQUID

There's a new SQUID: A new device that relies on flowing clouds of ultracold atoms promises potential tests of the intersection between the weirdness of the quantum world and the familiarity of the macroscopic world we experience every day. The atomtronic Superconducting QUantum Interference Device (SQUID) is also potentially useful for ultrasensitive rotat
Publish At:2020-08-07 18:54 | Read:115 | Comments:0 | Tags:No Tag

Hacking the PLC via Its Engineering Software

Researcher will demonstrate at DEF CON an emerging threat to industrial control networks.Attackers don't need to directly hack into a programmable logic controller (PLC) to wreak havoc on an industrial process: they can target its configuration files and pivot from there.Researchers over the past year have been exposing easily exploitable holes in the so-cal
Publish At:2020-08-07 17:25 | Read:83 | Comments:0 | Tags:No Tag

SEC Consult SA-20200807-0 :: Multiple Vulnerabilities in flatCore CMS

SEC Consult Vulnerability Lab Security Advisory < 20200807-0 >======================================================================= title: Multiple Vulnerabilities product: flatCore CMS vulnerable version: <=1.5.5 fixed version: 1.5.7 CVE number: - impact: High homepage: https://flatcore.o
Publish At:2020-08-07 17:03 | Read:109 | Comments:0 | Tags:No Tag

TikTok and WeChat: Chinese Apps Dogged by Security Fears

The United States has fired a new salvo in its rivalry with China, ordering sweeping restrictions against Chinese-owned social media stars TikTok and WeChat.Here are some key facts about the platforms:- What is WeChat? -WeChat, known as "weixin" or micro-message in Chinese, belongs to tech giant Tencent and has grown to become ubiquitous in daily life across
Publish At:2020-08-07 15:41 | Read:144 | Comments:0 | Tags:Mobile Security NEWS & INDUSTRY Privacy Compliance Risk

Chinese Researchers Show How They Remotely Hacked a Mercedes-Benz

A team of Chinese researchers has described the analysis process that resulted in the discovery of 19 vulnerabilities in a Mercedes-Benz E-Class, including flaws that can be exploited to remotely hack a car.The research was conducted starting in 2018 by Sky-Go, the vehicle cybersecurity unit of Chinese security solutions provider Qihoo 360. The findings were
Publish At:2020-08-07 15:41 | Read:89 | Comments:0 | Tags:Mobile Security NEWS & INDUSTRY Wireless Security Vulner

Researcher Finds New Office Macro Attacks for MacOS

Building successful macro attacks means getting past several layers of security, but a Black Hat speaker found a way through.Microsoft Office is no stranger to vulnerabilities and exploits. Most of those vulnerabilities led from Microsoft Office to Microsoft Windows, but it's possible for an attacker to take an exploit path from Microsoft Office to macOS &md
Publish At:2020-08-07 15:38 | Read:96 | Comments:0 | Tags:No Tag

400+ Qualcomm Chip Vulnerabilities Threaten Millions of Android Phones

Security researchers found hundreds of pieces of vulnerable code in the Qualcomm Snapdragon chips powering Android phones.Security researchers have discovered more than 400 pieces of vulnerable code inside the Qualcomm Snapdragon digital signal processor (DSP) chip that powers millions of high-end smartphones from Google, Samsung, LG, Xiaomi, OnePlus, and ot
Publish At:2020-08-07 15:38 | Read:137 | Comments:0 | Tags:No Tag

How to Send Files Securely

There are many occasions when you need to send files securely to a friend, colleague, or client. If you can’t meet in person to exchange files, there are a number of online and cloud services that can handle file transfers for you. It’s easier than ever to use these services, many of them free, to securely send files to others. Here are a few opt
Publish At:2020-08-07 15:08 | Read:123 | Comments:0 | Tags:How To

A New iMac, a Google Gotcha, and a Zoom Zinger – Intego Mac Podcast Episode 147

Apple updated the 27″ iMac this week, and it may be the last new desktop Mac running Intel processors, but should you buy this one or wait for Apple’s own chips? Google accidentally enabled some of its speakers to listen in on sounds in people’s homes, and we update recent stories about Garmin getting hit by ransomware, and the Great Twitte
Publish At:2020-08-07 15:08 | Read:116 | Comments:0 | Tags:Intego Mac Security Podcast

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud

Friend Links