HackDig : Dig high-quality web security articles

New FamousSparrow APT group used ProxyLogon exploits in its attacks

Researchers spotted a new cyberespionage group, dubbed FamousSparrow, that used ProxyLogon exploits to target hotels worldwide. Researchers from ESET discovered a new cyberespionage group, tracked as FamousSparrow, that has been targeting hotels worldwide around the world since at least 2019. The group also hit higher-profile targets such as law firms, g
Publish At:2021-09-24 01:36 | Read:102 | Comments:0 | Tags:APT Breaking News Hacking Cyberespionage cyberespionahe Famo

Apple addresses a new zero-day exploited to deploy the NSO Pegasus spyware

Apple has addressed three zero-day vulnerabilities exploited by threat actors in attacks in the wild to take over iPhones and Macs. Apple has released security updates to address three zero-day vulnerabilities exploited in attacks in the wild to compromise iPhones and Macs running vulnerable iOS and macOS versions. Apple confirmed that at least one of
Publish At:2021-09-23 17:20 | Read:163 | Comments:0 | Tags:Breaking News Security Apple Hacking hacking news informatio

A bug in Microsoft Exchange Autodiscover feature leaks +372K of domain credentials

A flaw in the Microsoft Exchange Autodiscover feature can be exploited to harvest Windows domain and app credentials. Security researchers from Guardicore discovered a flaw in the Microsoft Exchange Autodiscover feature that can be exploited to harvest Windows domain and app credentials from users worldwide. The Microsoft Autodiscover protocol feature
Publish At:2021-09-23 16:46 | Read:147 | Comments:0 | Tags:Breaking News Hacking Security Exchange Autodiscover hacking

BulletProofLink, a large-scale phishing-as-a-service active since 2018

Microsoft uncovered a large-scale phishing-as-a-service operation, dubbed BulletProofLink, that enabled threat actors to easily carry out malicious campaigns. Microsoft researchers have uncovered a large-scale phishing-as-a-service (PHaaS) operation, dubbed BulletProofLink (aka Anthrax), that offers to its customers phishing kits, email templates, and ho
Publish At:2021-09-23 09:28 | Read:225 | Comments:0 | Tags:Breaking News Cyber Crime BulletProofLink Cybercrime Hacking

CVE-2021-40847 flaw in Netgear SOHO routers could allow remote code execution

CVE-2021-40847 flaw in Netgear SOHO routers could be exploited by a remote attacker to execute arbitrary code as root. Security experts from consulting firm GRIMM have discovered a vulnerability in Small Offices/Home Offices (SOHO) Netgear routers that could be exploited by a remote attacker to execute arbitrary code as root The flaw, tracked as CVE-
Publish At:2021-09-23 05:32 | Read:172 | Comments:0 | Tags:Breaking News Hacking Internet of Things CVE-2021-40847 hack

Crystal Valley hit by ransomware attack, it is the second farming cooperative shut down in a week

Minnesota-based farming supply cooperative Crystal Valley was hit by a ransomware attack, it is the second attack against the agriculture business in a few days. Minnesota farming supply cooperative Crystal Valley has suffered a ransomware attack, this is the second farming cooperative that was hit by ransomware operators in a few days. At this time, the
Publish At:2021-09-23 04:58 | Read:76 | Comments:0 | Tags:Breaking News Cyber Crime Malware agricolture Crystal Valley

US CISA, FBI, and NSA warn an escalation of Conti ransomware attacks

CISA, FBI, and the NSA warned today of an escalation of the attacks of the Conti ransomware gang targeting US organizations. CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) are warning of an increased number of Conti ransomware attacks against US organizations. @CISAgov and @FBI observed over 400 ransomware at
Publish At:2021-09-22 17:44 | Read:80 | Comments:0 | Tags:Breaking News Cyber Crime Security Cybercrime hacking news i

Flaws in Nagios Network Management systems pose risk to companies

Researchers found multiple flaws in widely used network management products from Nagios that pose serious risk to organizations. Researchers from industrial cybersecurity firm Claroty have discovered eleven vulnerabilities in widely used network management products from Nagios. Nagios XI provides monitoring of all mission-critical infrastructure compone
Publish At:2021-09-22 11:35 | Read:200 | Comments:0 | Tags:Breaking News Hacking Security hacking news information secu

VMware addressed a critical flaw in vCenter Server. Patch it now!

VMware addressed a critical arbitrary file upload vulnerability that affects the default configuration of vCenter Server 6.7 and 7.0 deployments. VMware addressed a critical arbitrary file upload vulnerability, tracked as CVE-2021-22005, that impacts appliances running default vCenter Server 6.7 and 7.0 deployments. vCenter Server is the centralized m
Publish At:2021-09-22 05:32 | Read:142 | Comments:0 | Tags:Breaking News Security CVE-2021-22005 Hacking hacking news i

A zero-day flaw allows to run arbitrary commands on macOS systems

Security researchers disclosed a new zero-day flaw in Apple’s macOS Finder that can allow attackers to run arbitrary commands on Macs. Independent security researcher Park Minchan disclosed a zero-day vulnerability in Apple’s macOS Finder that can be exploited by attackers to run arbitrary commands on Mac systems running any macOS version.
Publish At:2021-09-21 21:06 | Read:75 | Comments:0 | Tags:Breaking News Hacking hacking news information security news

Turla APT group used a new backdoor in attacks against Afghanistan, Germany and the US

Russia-linked cyber espionage group Turla made the headlines again, the APT has employed a new backdoor in a recent wave of attacks Cisco Talos researchers reported that the Russia-linked Turla APT group recently used a new backdoor, dubbed TinyTurla, in a series of attacks against the US, Germany, and Afghanistan. The threat actors are using the backdo
Publish At:2021-09-21 16:46 | Read:121 | Comments:0 | Tags:APT Breaking News Malware Hacking hacking news information s

Black Matter gang demanded a $5.9M ransom to NEW Cooperative

U.S. The farmers cooperative NEW Cooperative was hit by Black Matter ransomware gang that is demanding a $5.9 million ransom. BlackMatter ransomware gang hit NEW Cooperative, a farmer’s feed and grain cooperative, and is demanding a $5.9 million ransom. The ransomware gang claims to have stolen 1,000 GB of data including the source code for the soi
Publish At:2021-09-21 04:58 | Read:237 | Comments:0 | Tags:Breaking News Cyber Crime Malware Black Matter Cybercrime Ha

Apache OpenOffice is currently impacted by a remote code execution flaw

Apache OpenOffice (AOO) is currently impacted by a remote code execution flaw, tracked as CVE-2021-33035, that has yet to be fixed in the official release. Security researcher Eugene Lim (@spaceraccoonsec) recently revealed technical details about a remote code execution flaw, tracked as CVE-2021-33035, (CVE-2021-33035) that impacts OpenOffice (AOO). Th
Publish At:2021-09-21 04:58 | Read:178 | Comments:0 | Tags:Breaking News Hacking Security Apache OpenOffice hacking new

Data of 106 million visitors to Thailand leaked online

Security researchers discovered an unsecured database exposed online containing the personal information of millions of visitors to Thailand. The popular cybersecurity research Bob Diachenko discovered his personal data online stored on an unprotected Elasticsearch database containing the personal details of more than 106 million visitors to Thailand.
Publish At:2021-09-21 01:02 | Read:152 | Comments:0 | Tags:Breaking News Data Breach data breach hacking news informati

Large phishing campaign targets EMEA and APAC governments

Security researchers uncovered a large phishing campaign targeting multiple government departments in APAC and EMEA countries.  Researchers from cybersecurity firm Cyjax uncovered a large phishing campaign targeting multiple government departments in APAC and EMEA countries.  The phishing campaign has been ongoing since spring 2020 when the domains we
Publish At:2021-09-20 14:25 | Read:57 | Comments:0 | Tags:APT Breaking News Hacking Intelligence Cybercrime hacking ne

Announce

Share high-quality web security related articles with you:)
Tell me why you support me <3

Tag Cloud

Keywords