HackDig : Dig high-quality web security articles for hackers

Credential Stuffing: AI’s Role in Slaying a Hydra

One data breach can lead to another. Because so much of the data stolen in breaches ends up for sale on the dark web, a threat actor can purchase authentication credentials — the emails and passwords — of the organization’s employees without having to steal them directly. With that information in hand, threat actors have an open door into
Publish At:2021-01-25 09:29 | Read:84 | Comments:0 | Tags:Data Protection Fraud Protection Identity & Access Artificia

Tripwire Products: Quick Reference Guide

Here at The State of Security, we cover everything from breaking stories about new cyberthreats to step-by-step guides on passing your next compliance audit.But today we’d like to offer a straight-forward roundup of the Tripwire product suite. Get to know the basics of Tripwire’s core solutions for FIM, SCM, VM and more. Without further ado:Tripwire® Enterpr
Publish At:2021-01-25 09:20 | Read:43 | Comments:0 | Tags:Tripwire News Data Collector DevOps Enterprise IP360 log man

Illinois Court Exposes More Than 323,000 Sensitive Records

Unsecured Server Exposed Records Containing Sensitive Personal Data and Case Notes From Cook County CourtOn September 26, 2020, researchers discovered an unsecured Elasticsearch server exposing more than 323,277 Cook County court related records containing highly sensitive personal data. Cook County, Illinois, is the second most populous county in the U
Publish At:2021-01-25 08:23 | Read:42 | Comments:0 | Tags:NEWS & INDUSTRY Data Protection

SonicWall Probes Attack Using Zero-Days in Own Products

Security vendor SonicWall has warned its customers that threat actors may have found zero-day vulnerabilities in some of its remote access products.An initial post on the vendor’s knowledgebase pages on Friday claimed that the NetExtender VPN client version 10.x and the SMB-focused SMA 100 series were at risk.However, an update over the weekend clarifi
Publish At:2021-01-25 07:20 | Read:105 | Comments:0 | Tags:No Tag

Intel: Earnings Leak Down to Internal Error

Intel was forced to issue its financial results earlier than expected last week after an internal error made public some of the information before it was due to be released, the firm has confirmed.Originally, Intel CFO, George Davis claimed a “hacker” had got hold of an infographic detailing the earnings, which was waiting to be published on the
Publish At:2021-01-25 07:20 | Read:59 | Comments:0 | Tags:No Tag

ManiMed: Philips Medizin Systeme Böblingen GmbH – IntelliVue System Vulnerabilities

Manipulating Medical Devices The Federal Office for Information Security (BSI) aims to sensitize manufacturers and the public regarding security risks of networked medical devices in Germany. In response to the often fatal security reports and press releases of networked medical devices, the BSI initiated the project Manipulation of Medical Devices (ManiMed)
Publish At:2021-01-25 06:22 | Read:87 | Comments:0 | Tags:Breaking disclosure medical pentest

Cryptocurrency exchange BuyUcoin hacked, data of 325K+ users leaked

Indian cryptocurrency exchange Buyucoin suffered a security incident, threat actors leaked sensitive data of 325K users. A new incident involving a cryptocurrency exchange made the headlines, the India-based cryptocurrency exchange suffered a security incident, threat actors leaked sensitive data of 325K users on the Dark Web. Leaked data includes nam
Publish At:2021-01-25 05:48 | Read:76 | Comments:0 | Tags:Breaking News Cyber Crime Deep Web Digital ID BuyUcoin Darkw

NIST Cybersecurity Framework – The Key to Critical Infrastructure Cyber Resiliency

In the digital age, organizations and the missions and business processes they support rely on information technology and information systems to achieve their mission and business objectives. Not only is technology used to efficiently enable businesses to carry out operational activities, but it is also the backbone for the United States’ critical infr
Publish At:2021-01-25 01:32 | Read:116 | Comments:0 | Tags:ICS Security Critical Infrastructure cyber resilience framew

4 Steps for Assessing Your NERC CIP Compliance Program

The North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) Standards are a cybersecurity compliance framework designed to protect utility organizations. Adhering to these guidelines is essential—falling short will leave your environment vulnerable to malicious actors and can result in some hefty fines. NERC CIP is a bur
Publish At:2021-01-25 01:32 | Read:43 | Comments:0 | Tags:Regulatory Compliance Critical Infrastructure NERC CIP Tripw

Tesla sues former employee for allegedly stealing sensitive docs

Tesla has accused a former employee, a software engineer, of downloading about 26,000 sensitive files and transferring them on his personal Dropbox On Saturday, Tesla sued the former employee Alex Khatilov for allegedly stealing 26,000 confidential documents, including trade secrets. The software engineer transferred the sensitive files to his personal Dr
Publish At:2021-01-24 19:25 | Read:103 | Comments:0 | Tags:Breaking News Cyber Crime Hacking information security news

Hacker leaks data of 2.28M users of dating site MeetMindful

A well-known threat actor has leaked data belonging to 2.28 million users registered on the dating website MeetMindful. ZDNet first reported that the well-known threat actor ShinyHunters has leaked the data of more than 2.28 million users registered on the dating site MeetMindful, The threat actor leaked the data for free download on a publicly accessi
Publish At:2021-01-24 14:43 | Read:108 | Comments:0 | Tags:Uncategorized data leak Hacking hacking news information sec

Windows 10X feature will prevent unauthorized factory resets

Windows 10X is a new streamlined version of Windows designed for security and performance that Microsoft announced in 2019 and plans to launch in Spring 2021 on a new range of devices.Many details so far have been scarce, but thanks to a Windows 10X build that was leaked last week, we can get a good look at the operating system and its features.In addition t
Publish At:2021-01-24 14:31 | Read:114 | Comments:0 | Tags:Microsoft Software

Another ransomware now uses DDoS attacks to force victims to pay

Another ransomware gang is now using DDoS attacks to force a victim to contact them and negotiate a ransom.In October 2020, we reported that ransomware gangs were beginning to utilize DDoS attacks against a victims' network or web site as an extra tool to force them to pay a ransom. At the time, the two operations using this new tactic were SunCrypt and Ragn
Publish At:2021-01-24 14:31 | Read:93 | Comments:0 | Tags:Security DDOS ransomware

Data breach at Buyucoin crypto exchange leaks user info, trades

A threat actor has leaked the stolen database for Indian cryptocurrency exchange Buyucoin on a hacking forum for free.Over the weekend, a threat actor known as ShinyHunters posted the link to an archive that contains the alleged database dumps for the Buyucoin cryptocurrency exchange.Pixlr database leaked for freeShinyHunters is a threat actor
Publish At:2021-01-24 14:31 | Read:85 | Comments:0 | Tags:Security

Chipmaker Intel reveals that an internal error caused a data leak

The chipmaker Intel Corp. revealed that an internal error it the root cause of a data leak, it confirmed that corporate network was not impacted. The computer chipmaker Intel Corp. confirmed that an internal error is the cause of a data leak that prompted it to release a quarterly earnings report early. Intel chief financial officer, George Davis, tol
Publish At:2021-01-24 10:18 | Read:112 | Comments:0 | Tags:Breaking News Data Breach Hacking hacking news information s

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud

Friend Links