HackDig : Dig high-quality web security articles for hacker

Considerations on DMZ Design in 2016, Part 1

I’m currently involved in a “DMZ Redesign” effort in a sufficiently large enterprise (800+ hosts in “the DMZ”) and I thought this might be an opportunity to reflect on some aspects of “DMZ networks” in a series of posts. Some of you already know that, at ERNW, we have a tendency to discuss stuff starting with some f
Publish At:2016-08-27 07:30 | Read:64 | Comments:0 | Tags:Uncategorized Design DMZ

New Locky Ransomware variant uses DLLs for distribution

A new Locky Ransomware variant has been spotted by researchers at Cyren; it uses DLLs for distribution. The Locky Ransomware is one of the most popular threats since its first detection in the wild in early 2016. The ransomware has evolved over time; crooks have improved it, adding new evasion detection features and changing the distribution methods. Securit
Publish At:2016-08-27 05:55 | Read:81 | Comments:0 | Tags:Breaking News Cyber Crime Malware Bart malware Cybercrime Ha

Mozilla launched the Observatory tool to test the security of websites

The Security Engineer April King from Mozilla has released the Observatory Tool, a free tool for the security assessment of websites. Mozilla has launched the ‘Observatory,’ a tool developed by the Security Engineer April King that allows administrators and developers to test their websites. “Observatory is a simple tool that allows site ope
Publish At:2016-08-27 05:55 | Read:76 | Comments:0 | Tags:Breaking News Hacking Security Observatory Tool security sec

PoS Malware Hits Millennium, Noble House Hotel Chains

Two major hotel chains are warning customers that their payment card details may have been compromised after discovering point-of-sale (PoS) malware infections on their systems. Millennium Hotels & Resorts (MHR) and Noble House Hotels and Resorts (NHHR) both announced the security incidents on Thursday following an alert from the U.S. Secret Service. The h
Publish At:2016-08-27 04:05 | Read:7 | Comments:0 | Tags:Latest Security News hotel malware point-of-sale

Firefox Adds Protection for MIME Confusion Attacks

Starting with Firefox 50, the browser will feature improved mitigation against MIME confusion attacks, preventing a threat actor from disguising malicious code as other files, mostly images. Whenever the browser receives a file from the server, Firefox will check the server response for the Content-Type header, which tells it what kind of file it downloaded,
Publish At:2016-08-27 00:55 | Read:81 | Comments:0 | Tags:Security Fixes and Improvements

Fantom Ransomware Mimics Windows Update Screen

Ransomware often tries to disguise its malicious behavior by various tricks. The latest method observed is from a new variant called Fantom, which shows a fake Windows Update screen, while in reality, it's encrypting the user's files. The ransomware, spotted for the first time only a few days ago by AVG security researcher Jakub Kroustek, is coded on
Publish At:2016-08-27 00:55 | Read:58 | Comments:0 | Tags:Virus alerts

Mozilla launches free website security scanning service

In order to help webmasters better protect their websites and users, Mozilla has built an online scanner that can check if web servers have the best security settings in place. Dubbed Observatory, the tool was initially built for in-house use by Mozilla security engineer April King, who was then encouraged to expand it and make it available to the whole w
Publish At:2016-08-26 23:10 | Read:4 | Comments:0 | Tags:Security Web Development Web Services

5 security practices hackers say make their lives harder

Whether they identify as white hats, black hats or something in-between, a majority of hackers agree that no password is safe from them — or the government for that matter. Regardless of where they sit with respect to the law, hackers mostly agree that five key security measures can make it a lot harder to penetrate enterprise networks. At the Black Hat U
Publish At:2016-08-26 23:10 | Read:47 | Comments:0 | Tags:Security Hacking Cloud Security Physical Security Data Breac

Got big data? Check out these 100 best practices for keeping it secure

Big data is best known for its volume, variety, and velocity -- collectively referred to as the "3 Vs" -- and all three of those traits make security an elusive goal. Targeting companies grappling with that challenge, the Cloud Security Alliance on Friday released a new report offering 100 best practices. As its name would suggest, the CSA focuses on prom
Publish At:2016-08-26 23:10 | Read:61 | Comments:0 | Tags:Security Cloud Computing Big Data Privacy Data Management

Medical device security ignites an ethics firestorm

One security research company is taking a controversial approach to disclosing vulnerabilities: It’s publicizing the flaws as a way to tank a company’s stock. The security firm, MedSec, made news on Thursday when it claimed that pacemakers and other health care products from St. Jude Medical contain vulnerabilities that expose them to hacks. However, MedSe
Publish At:2016-08-26 23:10 | Read:41 | Comments:0 | Tags:Security Hacking Healthcare

The Hidden Dangers Of 'Bring Your Own Body'

The use of biometric data is on the rise, causing new security risks that must be assessed and addressed. The term “BYOB” might have more interpretations than you think. Increasingly, in the area of enterprise security and data, it could mean “bring your own body.” The use of biometric data, in both consumer and enterprise technology, i
Publish At:2016-08-26 23:05 | Read:28 | Comments:0 | Tags:No Tag

Global Cost of Cybercrime Predicted to Hit $6 Trillion Annually By 2021, Study Says

Start saving now. The global cost of cybercrime could reach $6 trillion by 2021, according to a Cybersecurity Ventures report. A report out by Cybersecurity Ventures predicts global annual cybercrime costs will grow to $6 trillion by 2021. While a $6 trillion estimate might be a little high, “a trillion dollars plus is a real possibility,”
Publish At:2016-08-26 23:05 | Read:78 | Comments:0 | Tags:No Tag

Multiple Apple iOS Zero-Days Enabled Firm To Spy On Targeted iPhone Users For Years

Victims of 'lawful intercepts' include human rights activists and journalist, researchers from Citizen Lab and Lookout say. Apple’s much vaunted reputation for security took a bit of beating this week with two separate reports identifying serious vulnerabilities in its iOS operating system for iPhones and iPads. One of the reports, from security firm Loo
Publish At:2016-08-26 23:05 | Read:47 | Comments:0 | Tags: IOS

Inside ‘The Attack That Almost Broke the Internet’

In March 2013, a coalition of spammers and spam-friendly hosting firms pooled their resources to launch what would become the largest distributed denial-of-service (DDoS) attack the Internet had ever witnessed. The assault briefly knocked offline the world’s largest anti-spam organization, and caused a great deal of collateral damage to innocent bystan
Publish At:2016-08-26 19:55 | Read:49 | Comments:0 | Tags:Other Aleksey Frolov Alex Optik Amazon Andrei Stanchevici An

GCSE Computing Numbers Jump 76%

The number of students taking GCSE computing rocketed by 76% over the past year, fuelling hopes that this could translate into more UK school leavers pursuing careers in cybersecurity. In total, entry numbers for the course jumped from around 35,500 in 2015 to 62,500 this year. Kaspersky Lab UK & Ireland general manager, Kirill Slavin, argued that the
Publish At:2016-08-26 18:05 | Read:84 | Comments:0 | Tags:No Tag
