HackDig : Dig high-quality web security articles for hacker

New Verizon data leak, the second one in a few months

Experts at Kromtech Security Research Center discovered a new Verizon leak exposed confidential and sensitive data on internal systems. It has happened again, security researchers with Kromtech Security Research Center discovered a new Verizon leak exposed confidential and sensitive data on internal systems. Leaked data includes server logs and credentials f
Publish At:2017-09-23 09:15 | Read:41 | Comments:0 | Tags:Breaking News Data Breach Chris Vickery data breach data lea

Google released a Chrome 61 update that patches 2 High-Risk Flaws

Google has just released an updated version of Chrome 61, version 61.0.3163.100, that addresses 3 security flaws, two of which rated high-severity. The new version is already available for Windows, Mac, and Linux users and includes a total of three vulnerabilities. The first high-risk bug, tracked as CVE-2017-5121, is an Out-of-bounds access in V8 reported b
Publish At:2017-09-23 09:15 | Read:22 | Comments:0 | Tags:Breaking News Security Bug Bounty Chrome High-Risk Flaws Goo

CSE CybSec ZLAB Malware Analysis Report: Petya

I’m proud to share with you the second report produced by Z-Lab, the Malware Lab launched by the company CSE CybSec. Enjoy the Analysis Report Petya. CybSec Enterprise recently launched a malware Lab called it Z-Lab, that is composed of a group of skilled researchers and lead by Eng. Antonio Pirozzi. It’s a pleasure for me to share with you the
Publish At:2017-09-23 09:15 | Read:71 | Comments:0 | Tags:Breaking News Malware malware Malware Analysis Petya ransomw

Become an Entry-Level Cybersecurity Analyst

Cybersecurity is a growing issue. The greater frequency of attacks and their higher sophistication require companies to utilize the services of true subject matter experts readily available to apply best practices for securing business assets. Many are the professional figures sought nowadays to help secure networks, but lately, Cybersecurity Analysts
Publish At:2017-09-23 07:45 | Read:27 | Comments:0 | Tags:IT Certifications

Expected Ransomware Evolution in Coming Years

The tech world has been stricken with digital assaults this year and ransomware has been at the focal point of everything. So far, this year we have seen two record-softening attacks occur up to a matter of months. In May the WannaCry ransomware contaminated a huge number of PCs, disturbing doctor’s facilities, banks, and organizations. At that p
Publish At:2017-09-23 07:45 | Read:81 | Comments:0 | Tags:General Security

Cybersecurity as an ethical obligation

1. IntroductionAn ethical obligation is a standard that defines a moral course of action. Many professions are subject to comprehensive sets of ethical obligations which, if violated, may lead to sanctions. For example, the Code of Medical Ethics adopted by the American Medical Association sets forth the values to which every physician commits himself/
Publish At:2017-09-23 07:45 | Read:35 | Comments:0 | Tags:General Security

10 Digital Forensics Tools – The Lesser Known

For years Digital Forensics has played a significant role in the security domain. Being an integral part of the process, various tools have been developed over the years to make the forensic investigator’s work easier. Since most people are aware of tools such as EnCase, The Sleuth Kit, Caine, etc. that are used in the day-to-day practice, for a
Publish At:2017-09-23 07:45 | Read:40 | Comments:0 | Tags:Forensics

Tips to Avoid Social Media Website Phishers

For quite some time now, phishing has been a preferred method for malicious hackers to gather from users the information that allowed them to penetrate systems. The surge in use of social networks is now making their job even easier; scores of personal details, photos, videos, ideas and posts of any kind are available often even publicly. Phishing atta
Publish At:2017-09-23 07:45 | Read:83 | Comments:0 | Tags:Phishing

Where Do Security Vulnerabilities Come From?

There are three major causes: code quality, complexity, and trusted data inputs. It seems earthshaking vulnerabilities are released weekly that leave vendors and system administrators scrambling to remediate. So, where are all these vulnerabilities coming from? A simple search on the National Vulnerability Database shows over 3,300 new vulnerabilities releas
Publish At:2017-09-23 02:21 | Read:93 | Comments:0 | Tags:No Tag

Americans Rank Criminal Hacking as Their Number One Threat

Global warming and artificial intelligence rate as less of a threat to human health, safety, and prosperity, than getting hacked, according to a survey released today.Criminal hacking is the greatest threat to Americans' well-being, according to a new survey that found it outranks air pollution, motor vehicle accidents, and artificial intelligence.The online
Publish At:2017-09-23 02:20 | Read:59 | Comments:0 | Tags:No Tag

1.4 Million New Phishing Sites Launched Each Month

The number of phishing attacks reach a record rate in 2017, but the majority of the phishing sites remain active for just four- to eight hours.The average number of new phishing sites created in a given day has skyrocketed to more than 46,000, or 1.385 million each month, according to the Webroot Quarterly Threat Trends Report released this week.Th
Publish At:2017-09-23 02:20 | Read:132 | Comments:0 | Tags:No Tag

The Impact of the Blockchain on Cybersecurity

Since its appearance in 2009, the concept of the blockchain has expanded past its initial use as the base of bitcoin into many other areas. By its nature, this distributed database provides the perfect platform for the management of cryptocurrency. But its features have attracted the attention of experts interested in a broad array of other applications. Pos
Publish At:2017-09-23 00:30 | Read:137 | Comments:0 | Tags:Security b2b blockchain cybersecurity

OptionsBleed – The Apache HTTP Server Now Bleeds

A new vulnerability in the Apache HTTP server was found recently. Designated as CVE-2017-9798, this vulnerability lies in how Apache handles certain settings in its configuration files, resulting in memory leaks. This vulnerability is named OptionsBleed, based on its similarities with the Heartbleed vulnerability. Patches to Apache are now available. What is
Publish At:2017-09-22 21:10 | Read:44 | Comments:0 | Tags:Vulnerabilities apache OptionsBleed

EITest Campaign Uses Tech Support Scams to Deliver Coinhive’s Monero Miner

We’ve uncovered the notorious EITest campaign delivering a JavaScript (JS) cryptocurrency miner (detected by Trend Micro as HKTL_COINMINE) using tech support scams as a social engineering lure. These are fraud activities impersonating legitimate technical support services, conning unwitting victims to avail/pay for these services (or hand out financial data)
Publish At:2017-09-22 21:10 | Read:78 | Comments:0 | Tags:Bad Sites cryptocurrency cryptocurrency miner EITest Tech Su

WordPress Plugin Responsive Image Gallery 1.1.8 - SQL Injection

=============================================MGC ALERT 2017-006- Original release date: September 01, 2017- Last revised: September 25, 2017- Discovered by: Manuel García Cárdenas- Severity: 7,1/10 (CVSS Base Score)- CVE-ID: CVE-2017-14125=============================================I. VULNERABILITY-------------------------WordPress Plugin Responsive Image
Publish At:2017-09-22 15:00 | Read:75 | Comments:0 | Tags:No Tag

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud