HackDig : Dig high-quality web security articles

NullMixer: oodles of Trojans in a single dropper

Executive Summary NullMixer is a dropper leading to an infection chain of a wide variety of malware families. NullMixer spreads via malicious websites that can be found mainly via search engines. These websites are often related to crack, keygen and activators for downloading software illegally, and while they may pretend to be legitimate software, they actu
Publish At:2022-09-26 05:12 | Read:8285 | Comments:0 | Tags:Malware descriptions Malware Malware Descriptions Malware Te

Exmatter exfiltration tool used to implement new extortion tactics

Ransomware operators switch to new extortion tactics by using the Exmatter malware and adding new data corruption functionality. The data extortion landscape is constantly evolving and threat actors are devising new extortion techniques, this is the case of threat actors using the Exmatter malware. Cyderes Special Operations and Stairwell Threat Resear
Publish At:2022-09-26 04:14 | Read:14530 | Comments:0 | Tags:Breaking News Cyber Crime Malware Cybercrime Exmatter hackin

The State of Cybersecurity has improved but is hardly flawless

For the record, it should be acknowledged from the start that there is no question that the cybersecurity landscape has improved over time, mostly courtesy of persistent increases in cyber spending year after year. Gartner estimates that the U.S. and the rest of the world will invest $172 billion in cybersecurity this year, up from $150 billion last yea
Publish At:2022-09-25 23:54 | Read:8640 | Comments:0 | Tags:Featured Articles Security Awareness business cybersecurity

Major Database Security Threats & How You Can Prevent Them

Organizations and businesses must use a range of measures, protocols, and tools to protect their databases from cybercriminals. If breached, malicious actors can gain access to sensitive information that they can use for financial gain. Security teams must adapt and constantly improve to protect against ever-evolving security threats, and maintain the integr
Publish At:2022-09-25 23:54 | Read:7558 | Comments:0 | Tags:Featured Articles Security Controls Vulnerability Management

Bitbucket Git Command Injection

### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking prepend Msf::Exploit::Remote::AutoCheck include Msf::Exploit::Remote::HttpClient include Msf::Exploit::CmdStager def initialize(info = {}) super(
Publish At:2022-09-25 19:21 | Read:50969 | Comments:0 | Tags:No Tag

Attackers impersonate CircleCI platform to compromise GitHub accounts

Threat actors target GitHub users to steal credentials and two-factor authentication (2FA) codes by impersonating the CircleCI DevOps platform. GitHub is warning of an ongoing phishing campaign targeting its users to steal credentials and two-factor authentication (2FA) codes by impersonating the CircleCI DevOps platform. The company learned of the att
Publish At:2022-09-25 12:57 | Read:42162 | Comments:0 | Tags:Breaking News Hacking Security CircleCI hacking news informa

Security Affairs newsletter Round 385

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. ISC fixed high-severity flaws in the BIND DNS softwareUkraine: SSU dismantled cyber gang that stole 30
Publish At:2022-09-25 08:11 | Read:21414 | Comments:0 | Tags:Breaking News Cybercrime data breach Hacking hacking news in

OpIran: Anonymous declares war on Teheran amid Mahsa Amini’s death

OpIran: Anonymous launched Operation Iran against Teheran due to the ongoing crackdown on dissent after Mahsa Amini’s death. Anonymous launched OpIran against Iran due to the ongoing crackdown on dissent after Mahsa Amini’s death. The protests began after the death of Mahsa Amini from Saqqez in Kurdistan province after her arrest by Iran’s morality pol
Publish At:2022-09-25 08:11 | Read:27369 | Comments:0 | Tags:Breaking News Hacking Hacktivism Security Anonymous hacking

What Does Social Engineering Have to Do with Ransomware?

What Does Social Engineering Have to Do with Ransomware? September 25th, 2022 No Comments anti-phishing, Data Privacy, Data Protection, Online Safety, PC security, Ransomware Online scams have become so common that we are immediately suspicious whenever we see
Publish At:2022-09-25 06:47 | Read:26813 | Comments:0 | Tags:anti-phishing Data Privacy Data Protection Online Safety PC

ISC fixed high-severity flaws in the BIND DNS software

The Internet Systems Consortium (ISC) fixed six remotely exploitable vulnerabilities in the BIND DNS software. The Internet Systems Consortium (ISC) this week released security patches to address six remotely exploitable vulnerabilities in BIND DNS software. Four out of six flaws, all denial-of-service (DoS) issue, have been rated as ‘high’ severity.
Publish At:2022-09-24 20:17 | Read:27374 | Comments:0 | Tags:Breaking News Security BIND BIND DNS Hacking hacking news in

American Airlines learned it was breached from phishing targets

American Airlines says its Cyber Security Response Team found out about a recently disclosed data breach from the targets of a phishing campaign that was using an employee's hacked Microsoft 365 account.As the airline said in filings with the Office of the New Hampshire Attorney General, after receiving these phishing reports, American's CIRT discovered
Publish At:2022-09-24 16:43 | Read:37311 | Comments:0 | Tags:Security

Microsoft SQL servers hacked in TargetCompany ransomware attacks

Vulnerable Microsoft SQL servers are being targeted in a new wave of attacks with FARGO ransomware, security researchers are warning.MS-SQL servers are database management systems holding data for internet services and apps. Disrupting them can cause severe business trouble.BleepingComputer has reported similar attacks in February, droppi
Publish At:2022-09-24 16:43 | Read:33189 | Comments:0 | Tags:Security ransomware hack

Windows 11 now warns when typing your password in Notepad, websites

Windows 11 22H2 was just released, and with it comes a new security feature called Enhanced Phishing Protection that warns users when they enter their Windows password in insecure applications or on websites.Windows login credentials are valuable to threat actors as they allow them to access internal corporate networks for data theft or ransomware attacks.Th
Publish At:2022-09-24 16:43 | Read:35972 | Comments:0 | Tags:Microsoft Security

Ukraine: SSU dismantled cyber gang that stole 30 million accounts

The cyber department of Ukraine ‘s Security Service (SSU) dismantled a gang that stole accounts of about 30 million individuals. The cyber department of Ukraine ‘s Security Service (SSU) has taken down a group of hackers that is behind the theft of about 30 million individuals. The gang was offering the stole accounts for sale on the dark web,
Publish At:2022-09-24 12:57 | Read:42501 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Cybercrime Dark Web disinf

London Police arrested a teen suspected to be behind Uber, Rockstar Games breaches

The City of London Police this week announced the arrest of a 17-year-old teenager on suspicion of hacking. Is he the Uber hacker? The City of London Police on Friday announced to have arrested a 17-year-old teenager on suspicion of hacking, however, experts believe the arrest could be linked to the recent security breaches suffered by Uber and Rockstar G
Publish At:2022-09-24 10:10 | Read:21259 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Security Cybercrime data b

Announce

Share high-quality web security related articles with you:)
Tell me why you support me <3

Tag Cloud

Friend Links