HackDig : Dig high-quality web security articles for hackers

Data Security Providers Netwrix and Stealthbits Merge

Data security solutions provider Netwrix has merged with Stealthbits, a cybersecurity company focused on protecting sensitive data and credentials. Founded in 2006, the Irvine, California-based Netwrix claims to provide over 10,000 organizations around the world with the necessary tools to reclaim control over sensitive, business-critical data, helping
Publish At:2021-01-05 16:29 | Read:132 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Privacy Audits Email S

SASE Provider iboss Banks $145 Million Equity Funding

Cloud-delivered network security startup iboss on Tuesday announced the closing of a new $145 million financing deal to speed up growth in a lucrative market.iboss, founded by twin brothers Paul and Peter Martini five years ago, previously banked $35 million in venture capital funding from Goldman Sachs.The new round of financing was led by NightDragon and F
Publish At:2021-01-05 16:29 | Read:207 | Comments:0 | Tags:Endpoint Security Mobile Security NEWS & INDUSTRY Audits

Slack Outage Causing Enterprise Security Hiccups

Business communications platform Slack is scrambling to recover from an ongoing outage that is proving disruptive to cybersecurity response teams around the world.At 7:15AM PST, the San Francisco, Calif.-based Slack confirmed users were “having trouble loading channels or connecting to Slack.”   No other details were provided on the cause of the ou
Publish At:2021-01-04 13:11 | Read:168 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Application Security A

France Fines Google, Amazon 135 Mn Euros

France's CNIL data privacy watchdog slapped 135 million euros in fines on US tech titans Google and Amazon for placing advertising cookies on users' computers without consent.The 100-million-euro fine against Google is the largest sanction the regulator has ever imposed, which it justified by the fact 90 percent of French internet users use the firm's search
Publish At:2020-12-11 11:59 | Read:202 | Comments:0 | Tags:NEWS & INDUSTRY Privacy Audits Compliance Privacy &

FERC Releases Staff Report on Lessons Learned from CIP Audits

In October, the Federal Energy Regulatory Commission (FERC) released its “2020 Staff Report Lessons Learned from Commission-Led CIP Reliability Audits.” The report summarizes the Commission’s observations from Critical Infrastructure Protection (CIP) audits performed in conjunction with staff from Regional Entities and the North American Electric Reliability
Publish At:2020-12-02 02:44 | Read:174 | Comments:0 | Tags:ICS Security audits FERC lessons learned NERC CIP

Trend Micro Releases Free Tool to Tackle Misinformation

Cybersecurity solutions provider Trend Micro this week announced the release of a free tool designed to help users boost their privacy online and fight misinformation.Dubbed Trend Micro Check, the new tool seeks to help users stay protected from privacy violations, false claims, and disinformation.The launch of this tool, Trend Micro says, was prompted by th
Publish At:2020-11-20 16:47 | Read:428 | Comments:0 | Tags:NEWS & INDUSTRY Privacy Audits Fraud & Identity Thef

Efficient audits with machine learning and Slither-simil

by Sina Pilehchiha, Concordia University Trail of Bits has manually curated a wealth of data—years of security assessment reports—and now we’re exploring how to use this data to make the smart contract auditing process more efficient with Slither-simil. Based on accumulated knowledge embedded in previous audits, we set out to detect similar vulnerable code s
Publish At:2020-10-23 13:19 | Read:390 | Comments:0 | Tags:Audits Internship Projects audits experiment Machine Learnin

Irish Regulator Investigates Instagram Over Children's Data

Irish privacy regulators have opened two investigations into Instagram over the social media site’s handling of young people’s personal data.Ireland’s Data Protection Commission said it launched the investigations in September after receiving complaints about the company. Facebook, which owns Instagram and has its European headquarters in Ireland, said it’s
Publish At:2020-10-20 08:04 | Read:408 | Comments:0 | Tags:NEWS & INDUSTRY Privacy Audits Compliance Data Protectio

StreamDivert: Relaying (specific) network connections

Author: Jelle Vergeer The first part of this blog will be the story of how this tool found its way into existence, the problems we faced and the thought process followed. The second part will be a more technical deep dive into the tool itself, how to use it, and how it works. Storytime About 1½ half years ago I did an awesome Red Team like project.
Publish At:2020-09-10 15:25 | Read:426 | Comments:0 | Tags:audits Blog pentest Uncategorized

DARPA Bug Bounty Program Seeks to Harden SSITH Hardware Protections

The Defense Advanced Research Projects Agency (DARPA) is running a bug bounty program in an effort to find security vulnerabilities in a new, advanced implementation of the System Security Integration Through Hardware and Firmware (SSITH) program.DARPA launched SSITH in 2017 to help protect electronic systems from common means of exploitation by addressing t
Publish At:2020-06-10 10:06 | Read:665 | Comments:0 | Tags:NEWS & INDUSTRY Audits Vulnerabilities Management &

Data From Joomla Resources Directory Exposed via Unprotected AWS Bucket

An unprotected Amazon Web Services (AWS) S3 bucket exposed the details of 2,700 users who signed up for the Joomla Resources Directory (JRD), Joomla’s Incident Response Task Group reported last week.An internal website audit revealed that a third-party company owned by a former leader of the Joomla Resource Directory team — they are still a member of the JRD
Publish At:2020-06-01 13:46 | Read:698 | Comments:0 | Tags:NEWS & INDUSTRY Privacy Audits Incident Response Data Pr

FTC Settles With Canadian Smart Lock Maker Over Security Practices

The Federal Trade Commission (FTC) has approved a settlement with Canadian smart lock maker Tapplock, which allegedly falsely claimed that its devices were designed to be “unbreakable.”Toronto-based Tapplock, Inc. is an Internet of Things (IoT) technology company that provides smart security solutions for both business and end-users alike. It sells Internet-
Publish At:2020-05-26 11:03 | Read:628 | Comments:0 | Tags:NEWS & INDUSTRY Privacy Audits Compliance Risk Managemen

LDAPFragger: Command and Control over LDAP attributes

  Introduction A while back during a penetration test of an internal network, we encountered physically segmented networks. These networks contained workstations joined to the same Active Directory domain, however only one network segment could connect to the internet. To control workstations in both segments remotely with Cobalt Strike, we built a tool
Publish At:2020-03-19 06:53 | Read:1148 | Comments:0 | Tags:audits Blog Cobalt Strike pentest Uncategorized

Aussie Watchdog Sues Facebook Over Cambridge Analytica Breach

Australia's privacy watchdog announced legal action against Facebook Monday for alleged "systematic failures" exposing more than 300,000 Australians to a data breach by Cambridge Analytica.The Office of the Australian Information Commissioner said it had initiated proceedings against the tech giant and that Facebook committed "serious and/or repeated interfe
Publish At:2020-03-09 10:09 | Read:1277 | Comments:0 | Tags:NEWS & INDUSTRY Privacy Audits Incident Response Complia

Microsoft Trials Election Security Solution in Wisconsin

Microsoft representatives are in Fulton, Wisconsin, on Tuesday to conduct the first real-world trials for ElectionGuard, the company’s open source election security solution.Introduced in May 2019, the free software development kit (SDK) was created in collaboration with Galois, aiming to provide end-to-end verification of elections. Moreover, the tool opens
Publish At:2020-02-18 12:14 | Read:972 | Comments:0 | Tags:NEWS & INDUSTRY Application Security Audits Security Arc

Tools

Tag Cloud