HackDig : Dig high-quality web security articles for hackers

Google Warning: North Korean Gov Hackers Targeting Security Researchers

Google late Monday raised the alarm about a “government-backed entity based in North Korea” targeting -- and hacking into -- computer systems belonging to security researchers.Google’s Threat Analysis Group (TAG), a team that monitors global APT activity, said the ongoing campaign is aimed at security researchers working on vulnerability research and develop
Publish At:2021-01-25 23:59 | Read:104 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Appli

Microsoft Edge Adds Password Generator, Drops Support for Flash, FTP

Microsoft has shipped the stable version of the Microsoft Edge 88 browser, featuring a brand new Password Generator and the ability to alert on compromised credentials.   The browser refresh also drops support for the FTP protocol and for the Adobe Flash plugin.With Microsoft Edge 88.0.705.50 now rolling out, users get a built-in strong password ge
Publish At:2021-01-22 14:05 | Read:114 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Appli

'LuckyBoy' Malvertising Campaign Hits iOS, Android, XBox Users

A recently identified malvertising campaign targeting mobile and other connected devices users makes heavy use of obfuscation and cloaking to avoid detection.Dubbed LuckyBoy, the multi-stage, tag-based campaign is focused on iOS, Android, and Xbox users. Since December 2020, it penetrated over 10 Demand Side Platforms (DSP), primarily Europe-based, with obse
Publish At:2021-01-20 15:17 | Read:151 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Application Security F

FBI Warns of Employee Credential Phishing via Phone, Chat

The Federal Bureau of Investigation has issued a Private Industry Notification (PIN) to warn of attacks targeting enterprises, in which threat actors attempt to obtain employee credentials through vishing or chat rooms.Taking advantage of the COVID-19 pandemic, which has forced the broad adoption of telework, cyber-criminals and threat actors are attempting
Publish At:2021-01-18 16:29 | Read:236 | Comments:0 | Tags:Cyberwarfare Endpoint Security NEWS & INDUSTRY Applicati

Data Security Startup Qohash Raises $6 Million

Canadian data security startup Qohash this week announced it raised CAD 8 million (approximately USD $6.3 million) in Series A funding. The financing was led by FINTOP Capital.Founded in 2018, the Quebec-based company provides customers with solutions focused on data discovery and classification, helping enterprises monitor data across their environments. Fu
Publish At:2021-01-15 18:17 | Read:147 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Appli

Report: TikTok Harvested MAC Addresses By Exploiting Android Loophole

The ongoing controversies surrounding TikTok hit a new gear on Thursday with a bombshell report accusing the Chinese company of spying on millions of Android users using a technique banned by Google.According to a Wall Street Journal report, TikTok used a banned tactic to bypass the privacy safeguard in Android to collect unique identifiers from millions of
Publish At:2021-01-14 14:59 | Read:151 | Comments:0 | Tags:Endpoint Security Mobile Security NEWS & INDUSTRY Applic

Microsoft Patch Tuesday: 83 Vulnerabilities, 10 Critical, 1 Actively Exploited

Microsoft on Tuesday released the first batch of security patches for 2021 with fixes for 83 documented security vulnerabilities, including a "critical" bug in the Defender security product that's being actively exploited.Security experts are urging security response personnel to pay special attention to CVE-2021-1647, which describes a remote code execution
Publish At:2021-01-12 16:11 | Read:187 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Virus

SAP Patches Serious Code Injection, DoS Vulnerabilities

German software maker SAP has published 10 advisories to document flaws and fixes for a range of serious security vulnerabilities.SAP also published a total of 7 other updates for previously released security notes on this month’s Patch Day, for a total of 17 Notes. Five of these carry the highest severity rating of Hot News.Dealing with multiple vulnerabili
Publish At:2021-01-12 16:11 | Read:166 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Appli

Intel Packs Ransomware Detection Directly Into vPro Platform

At the virtual Consumer Electronics Show (CES) on Monday, chipmaker Intel announced CPU-based ransomware detection capabilities has been fitted directly into the Intel vPro platform.  Increasingly targeting businesses, ransomware has become the most prominent threat to enterprises, requiring advanced solutions to keep their data and the data of the
Publish At:2021-01-12 12:17 | Read:204 | Comments:0 | Tags:Disaster Recovery Endpoint Security NEWS & INDUSTRY Appl

F5 to Acquire Volterra in Deal Valued at $500 Million

F5 Networks (NASDAQ: FFIV) announced on Thursday that it has agreed to acquire Volterra, a Santa Clara, Calif.-based provider of tools that help customers deploy applications and build clouds across multiple cloud providers or their own edge locations.Under the terms of the agreement, F5 will pay roughly $440 million in cash and approximately $60 million in
Publish At:2021-01-07 19:11 | Read:99 | Comments:0 | Tags:NEWS & INDUSTRY Application Security Cloud Security

Lacework Banks $525 Million as Cloud Security Market Heats Up

Lacework, a five-year-old cybersecurity company that automates security across enterprise cloud deployments, has reached unicorn status with the closing of a $525 million round of Series D financing.The Silicon Valley company, which automates security across public and private cloud deployments, is now valued north of $1 billion.Driven by post-pandemic digit
Publish At:2021-01-07 15:17 | Read:136 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Application Security V

Slack Outage Causing Enterprise Security Hiccups

Business communications platform Slack is scrambling to recover from an ongoing outage that is proving disruptive to cybersecurity response teams around the world.At 7:15AM PST, the San Francisco, Calif.-based Slack confirmed users were “having trouble loading channels or connecting to Slack.”   No other details were provided on the cause of the ou
Publish At:2021-01-04 13:11 | Read:182 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Application Security A

7 Cybersecurity Tools On Our Holiday Wish List

The holiday season is upon us. After a difficult year, and facing an even more challenging year ahead, digital defense experts don’t have visions of sugar plums dancing in their heads. Instead, they dream of cybersecurity tools and other resources to help them cope with a wild threat landscape.  Here’s our ultimate holiday wish list. 
Publish At:2020-12-22 18:11 | Read:241 | Comments:0 | Tags:Application Security Artificial Intelligence Cloud Security

Application Intelligence Firm Bionic Emerges From Stealth With $17M in Funding

Palo-Alto, California-based application intelligence startup Bionic on Thursday announced that it has emerged from stealth mode with $17 million in seed and Series A funding.The company’s platform is designed to help enterprises perform an inventory of their applications (including cloud, Kubernetes and on-premises), identify their entire architecture, APIs
Publish At:2020-12-10 12:35 | Read:193 | Comments:0 | Tags:NEWS & INDUSTRY Application Security Management & St

OpenSSF Launches Open Source Tool for Evaluating SAST Products

The Open Source Security Foundation (OpenSSF) announced on Wednesday at the Black Hat Europe conference the availability of an open source tool designed for evaluating the ability of static analysis security testing (SAST) products to detect vulnerabilities.The new tool, named OpenSSF CVE Benchmark, provides vulnerable code and metadata related to 218 known
Publish At:2020-12-09 17:05 | Read:151 | Comments:0 | Tags:NEWS & INDUSTRY Application Security Vulnerabilities Bla

Tools

Tag Cloud