HackDig : Dig high-quality web security articles for hacker

Source code of Dharma ransomware now surfacing on public hacking forums

The source code of the infamous Dharma ransomware is now available for sale on two Russian-language hacking forums. The source code of one of the most profitable ransomware families, the Dharma ransomware, is up for sale on two Russian-language hacking forums. The Dharma ransomware first appeared on the threat landscape in February 2016, at the ti
Publish At:2020-03-29 15:19 | Read:266 | Comments:0 | Tags:Breaking News Cyber Crime Malware Cybercrime Hacking informa

Security Affairs newsletter Round 257

A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Coronavirus-themed attacks March 15 – March 21, 2020 Google addresses high severity bugs in Chrome Keepnet Labs accidentally exposed an unprotected database with 5 Billion previously leaked records Security firm accidentally exposed an unprote
Publish At:2020-03-29 11:07 | Read:123 | Comments:0 | Tags:Breaking News Hacking hacking news information security news

Coronavirus-themed attacks March 22 – March 28, 2020

In this post, I decided to share the details of the Coronavirus-themed attacks launched from March 22 to March 28, 2020. Threat actors exploit the interest in the COVID19 outbreak while infections increase worldwide, experts are observing new campaigns on a daily bases. Below a list of attacks detected this week. March 23 – COVID19-themed cam
Publish At:2020-03-29 11:07 | Read:113 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware coronavirus covid1

Critical buffer overflow in CODESYS allows remote code execution

Experts discovered an easily exploitable heap-based buffer overflow flaw, tracked as CVE-2020-10245, that exists in the CODESYS web server. A critical heap-based buffer overflow flaw in a web server for the CODESYS automation software for engineering control systems could be exploited by a remote, unauthenticated attacker to crash a server or execute arbi
Publish At:2020-03-28 12:22 | Read:125 | Comments:0 | Tags:Breaking News Hacking ICS-SCADA buffer overflow CODESYS heap

Hackers target zero-day flaws in enterprise Draytek network devices

Experts from Qihoo 360’s NetLab recently spotted two zero-day campaigns targeting DrayTek enterprise-grade networking devices. Since December 2019, researchers from Qihoo 360 observed two different attack groups that are employing two zero-days exploits to take over DrayTek enterprise routers to eavesdrop on FTP and email traffic inside corporate n
Publish At:2020-03-28 08:00 | Read:129 | Comments:0 | Tags:Breaking News Hacking information security news it security

AMD admits hacker stole source code files related to its GPUs

AMD admitted that a hacker has stolen files related to some of its graphics products, but it downplayed the potential impact of the hack. AMD admitted that a hacker that goes online with the moniker “Palesa” has stolen source code files related to some of its graphics products, but it downplayed the potential impact of the hack. The hacker claims to h
Publish At:2020-03-28 05:11 | Read:85 | Comments:0 | Tags:Breaking News Cyber Crime Data Breach Hacking data breach in

0patch releases free unofficial patches for Windows 0days exploited in the wild

ACROS Security’s 0patch service released unofficial patches for two Windows flaws actively exploited by attackers in the wild. ACROS Security’s 0patch service released unofficial patches for two Windows vulnerabilities actively exploited by attackers in the wild, both issues have yet to be fixed by Microsoft. A few days ago, Microsoft warned of hacker
Publish At:2020-03-27 14:00 | Read:112 | Comments:0 | Tags:Breaking News Security 0Patch Hacking information security n

Google issued 40,000 alerts of State-Sponsored attacks in 2019

Google announced to have warned users of almost 40,000 alerts of state-sponsored phishing or malware attacks during 2019. Google shared data on alerts related to state-sponsored attacks, the tech giant revealed that it issued almost 40,000 alerts of state-sponsored phishing or malware attacks to its users during 2019. The number of alerts decreased by
Publish At:2020-03-27 12:05 | Read:155 | Comments:0 | Tags:Breaking News Cyber warfare Hacking Malware Security Google

A missing authorization check in WordPre WPvivid plugin that can lead to the exposure of the database and all files

Researchers warn of a security flaw recently addressed in the WPvivid Backup Plugin that could be exploited to obtain all files of a WordPress website. WebARX experts warn of a missing authorization check recently addressed in the WPvivid Backup Plugin that could be exploited to obtain all files of a WordPress website. “There is a missing author
Publish At:2020-03-27 09:48 | Read:217 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Cross-site request forgery

Ryuk Ransomware operators continue to target hospitals during COVID19 outbreak

Operators behind the Ryuk Ransomware continue to target hospitals even as these organizations are involved in the fight against the Coronavirus pandemic. The threat actors behind the infamous Ryuk Ransomware continue to target hospitals, even as they are involved in containing the Coronavirus outbreak. The decision of the operators is not aligned with
Publish At:2020-03-27 06:01 | Read:203 | Comments:0 | Tags:Breaking News Cyber Crime Malware coronavirus covid19 Cyberc

Operation Poisoned News: Hong Kong iOS users targeted with watering hole attacks

Operation Poisoned News – Experts observed a campaign aimed at infecting the iPhones of users in Hong Kong with an iOS backdoor that allows attackers to spy on them. Security experts at Trend Micro have observed a campaign aimed at infecting the iPhones of users in Hong Kong with an iOS backdoor tracked as lightSpy. Attackers used malicious l
Publish At:2020-03-26 18:10 | Read:186 | Comments:0 | Tags:Breaking News Hacking Malware Mobile Security information se

Stealing videos from VLC

An unauthenticated insecure direct object reference (IDOR) issue in VLC for iOS could allow a local attacker to steal media from the storage. VLC for iOS was vulnerable to an unauthenticated insecure direct object reference (IDOR) which could allow a local attacker to steal media from the storage by just navigating to the source URL/IP. This was poss
Publish At:2020-03-26 14:50 | Read:184 | Comments:0 | Tags:Breaking News Hacking iOS it security it security news Pierl

Hackers hijack D-Link and Linksys routers to point users to coronavirus-themed sites serving malware

The number of Coronavirus-themed attacks continues to increase, crooks hijack D-Link and Linksys routers to redirect users to sites spreading COVID19-themed malware. Crooks continue to launch Coronavirus-themed attacks, experts observed hackers hijacking D-Link and Linksys routers to redirect users to COVID19-themed sites spreading malware. Hackers co
Publish At:2020-03-26 11:02 | Read:142 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware coronavirus covid1

FBI shuts down the Russian-based hacker platform DEER.IO

The FBI shuts down Deer.io, a Russian-based online platform that has been hosting hundreds of online shops where illegal products and services were being sold, The Department of Justice announced on Tuesday, that the Federal Bureau of Investigation has recently taken down the Russian-based online platform DEER.IO that is hosting various cybercrime produc
Publish At:2020-03-26 08:45 | Read:159 | Comments:0 | Tags:Breaking News Cyber Crime Cybercrime Deer.io Hacking hacking

WordPress WP-VCD malware delivered via pirated Coronavirus plugins

Crooks behind the WordPress WP-VCD malware are distributing pirated versions of the Coronavirus plugins that inject a backdoor into websites. behind the WordPress WP-VCD malware are distributing pirated versions of the Coronavirus plugins that inject a backdoor into websites The malware was first spotted in July 2017 by the Italian security expert Man
Publish At:2020-03-26 07:15 | Read:136 | Comments:0 | Tags:Breaking News Cyber Crime Malware covid19 hacking news infor

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud