HackDig : Dig high-quality web security articles for hackers

Safeguarding Healthcare for the Future With Zero Trust Security

In 2019, we saw a record number of information security breaches. According to the IBM X-Force Threat Intelligence Index 2020, a total of 8.5 billion records were compromised — three times the number from 2018. The healthcare industry saw its fair share of attacks and was the 10th-most targeted industry, accounting for 3 percent of all attacks last year. Th
Publish At:2020-03-11 08:47 | Read:1457 | Comments:0 | Tags:Healthcare Identity & Access Access Management Advanced Pers

Advanced Approaches to ATM Network Protection

End-to-end automated teller machine (ATM) network protection encompasses multiple security layers. Is it not enough to simply protect ATM endpoints to ensure the security of a bank’s finances. Instead, security teams at financial institutions must take a more advanced approach to ATM network protection. ATM security has always been a hot-button issue
Publish At:2017-08-11 15:05 | Read:7558 | Comments:4 | Tags:Banking & Financial Services Fraud Protection Network Securi

Ninety-Five Percent of Webshell Attacks Written in PHP

There’s nothing inherently malicious about a webshell, which is a script that can be uploaded to a web server to enable remote administration of the machine. In the hands of an attacker, however, they are a serious cyberthreat. Advanced persistent threat (APT) groups often use webshells to breach organizations. Webshell Attacks Surging Earlier this yea
Publish At:2016-11-19 23:00 | Read:7076 | Comments:0 | Tags:Vulns / Threats Advanced Persistent Threat (APT) IBM Managed

Comparing Different Tools for Threat Sharing

The Importance of Threat Intelligence Collecting threat intelligence data and determining how to process this data is getting more and more attention from security professionals who want to detect and quickly respond to security threats. This holds true not only for advanced persistent threats (APTs), but also for mainstream attacks. Threat sharing provides
Publish At:2015-10-07 14:05 | Read:4530 | Comments:0 | Tags:IBM X-Force Threat Intelligence Advanced Persistent Threat (

The InfoSecond: July 13-17

Information security news develops and moves at a blistering pace. Blink and you might miss it. That’s precisely why we’ve developed The InfoSecond, a new weekly series dedicated to recapping the week’s best stories in brief so you can be best prepared to tackle the myriad of challenges that could impact your enterprise each week. The series will consist of
Publish At:2015-07-19 14:20 | Read:3928 | Comments:0 | Tags:Malware Advanced Persistent Threat (APT) Black Hat Dark Web

Carbanak: How Would You Have Stopped a $1 Billion APT Attack?

In what’s shaping up to be a textbook classic, Carbanak, a major advanced persistent threat (APT) attack against financial institutions around the world, may be considered the largest cyberheist to date. The scope of the attack and the losses it has caused make its case so significant. The surprise factor in this APT attack was the criminals’ cha
Publish At:2015-02-24 03:25 | Read:5071 | Comments:0 | Tags:Advanced Threats Threat Intelligence Advanced Persistent Thr

Cybercriminals Leverage Massively Distributed Malware in APT-Style Attacks

Since mid-2014, cybercriminals have used large distribution campaigns to infect millions of machines with the Dyre Trojan, a massively distributed malware. First identified in June 2014 as a malware that primarily steals banking credentials, Dyre has undergone many changes in a very short period. In September 2014, a variant of the Trojan was used to target
Publish At:2015-02-20 04:55 | Read:4729 | Comments:0 | Tags:Advanced Threats Banking & Financial Services CISO Industrie

Oil Tankers and Row Boats: The Security of Enterprises and Startups

One of my high school teachers used a great analogy for large and small companies: the oil tanker and the row boat. It’s a common example given in many business schools to describe the agility of a row boat, which can maneuver quickly, versus an oil tanker, which can take miles to change direction. The row boat, however, requires a lot more input to be
Publish At:2014-12-22 19:15 | Read:3101 | Comments:0 | Tags:Data Protection Advanced Persistent Threat (APT) enterprise

Uncloaking the Dark Arts of Evasive Malware

With so many security breaches in the headlines ­­from Home Depot to JP Morgan to Dairy Queen, ­­it would appear that cyber­criminals are winning the arms race against security professionals. Multinational retailers and banks are generally on the cutting edge of security technology adoption in the private sector, deploying a wide range of the latest network,
Publish At:2014-11-03 20:20 | Read:4674 | Comments:0 | Tags:Malware Advanced Persistent Threat (APT) antivirus Backoff B

Network Security: Don’t Stop With Insights, Take Action

Everyone has experienced a miserable moment of helplessness in which you are aware of the reasons for a problem and the actions you must take to remedy it, yet you are powerless to take action in time. An example of this is being milliseconds away from an accident — you are aware it is going to happen but are too late to stop it. Information technology secur
Publish At:2014-10-27 12:50 | Read:3135 | Comments:0 | Tags:Infrastructure Protection Network & Endpoint Security Intell

JPMorgan Chase Breach Puts Renewed Focus on Malware Attacks at Large Organizations

The recent breach into JPMorgan Chase’s network — one of the biggest data breaches in history — may have been caused by malware, according to The Wall Street Journal. At this point, full details on the breach are still unavailable, but according to the article, published on Oct. 2: “The attack appears to have been caused by malicious computer cod
Publish At:2014-10-08 15:00 | Read:3693 | Comments:0 | Tags:Banking & Financial Services Malware Network & Endpoint Adva

Corporate Credentials Protection: Do You Know Where Your Passwords Are?

Last month, I opined on how to protect corporate credentials in the wake of the loss of 1.2 billion usernames and passwords to Russian hackers. I threw down a gauntlet and challenged all to answer why we can continue to allow these types of attacks on passwords to hurt our enterprises. Although many organizations have a policy that prohibits reusing corporat
Publish At:2014-09-30 05:20 | Read:4547 | Comments:0 | Tags:Network & Endpoint Advanced Persistent Threat (APT) attacker

How a CISO Can Use Home Field Advantage to Defeat Attackers

Summer is over and as fall starts to settle in, football season starts again. It was while reviewing my son’s upcoming schedule that he pointed out that some of the earlier games in the season are against teams with more skilled players. However, he quickly pointed out that those games are at home and that this would be a big advantage to him and his t
Publish At:2014-09-24 22:50 | Read:3503 | Comments:0 | Tags:CISO Advanced Attacks Advanced Persistent Threat (APT) attac

Dyre Banking Trojan Used in APT-Style Attacks Against Enterprises

The global cloud computing company Salesforce.com is warning its customers that the Dyre Trojan might be used to target their login credentials. The Dyre banking Trojan, which typically targets customers of large financial institutions, was recently used in a large-scale, credential-phishing campaign targeting Bank of America, Citigroup, Royal Bank of Scotla
Publish At:2014-09-16 08:10 | Read:4451 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Advanc

4.5 Million Patient Records Stolen in CHS Data Breach — What’s Next?

Community Health Systems (CHS) reported to the U.S. Securities and Exchange Commission in July that it was the target of an external criminal attack and data breach between April and June 2014. CHS’s expert forensic firm, Mandiant, indicated that the attacker was an advanced persistent threat (APT) group operating in China. The APT group used highly so
Publish At:2014-08-28 09:00 | Read:3266 | Comments:0 | Tags:Banking & Financial Services Health Care advanced persistent

Tools