HackDig : Dig high-quality web security articles for hackers

A scan of 4 Million Docker images reveals 51% have critical flaws

Security experts analyzed 4 million public Docker container images hosted on Docker Hub and found half of them was having critical flaws. Container security firm Prevasio has analyzed 4 million public Docker container images hosted on Docker Hub and discovered that the majority of them had critical vulnerabilities. The cybersecurity firm used its Prev
Publish At:2020-12-03 06:24 | Read:11 | Comments:0 | Tags:Breaking News Hacking Security Docker Docker Hub hacking new

Russia-linked APT Turla used a new malware toolset named Crutch

Russian-linked cyberespionage group Turla employed a new malware toolset, named Crutch, in targeted attacks aimed at high-profile targets. Russian-linked APT group Turla has used a previously undocumented malware toolset, named Crutch, in cyberespionage campaigns aimed at high-profile targets, including the Ministry of Foreign Affairs of a European Union
Publish At:2020-12-02 18:42 | Read:92 | Comments:0 | Tags:APT Breaking News Cyber warfare Hacking Intelligence Malware

K12 education giant paid the ransom to the Ryuk gang

Online education giant K12 Inc. was hit by Ryuk ransomware in the middle of November and now has paid a ransom to avoid data leak. The education company Online education giant K12 Inc. has paid a ransom to the ransomware operators after the gang infected its systems in November. K12 Inc. is a for-profit education company that sells online schooling and
Publish At:2020-12-02 18:42 | Read:96 | Comments:0 | Tags:Breaking News Cyber Crime Malware K12 malware ransomware Ryu

APT groups targets US Think Tanks, CISA, FBI warn

Cybersecurity and Infrastructure Security Agency (CISA) and FBI are warning of attacks carried out by threat actors against United States think tanks. APT groups continue to target United States think tanks, the Cyber Security and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) warn. The work of US think tanks has a gre
Publish At:2020-12-02 14:48 | Read:136 | Comments:0 | Tags:APT Breaking News Hacking Intelligence CISA hacking news inf

Google discloses a zero-click Wi-Fi exploit to hack iPhone devices

Google Project Zero expert Ian Beer on Tuesday disclosed a critical “wormable” iOS flaw that could have allowed to hack iPhone devices. Google Project Zero white-hat hacker Ian Beer has disclosed technical details of a critical “wormable” iOS bug that could have allowed a remote attacker to take over any device in the vicinity ove
Publish At:2020-12-02 10:54 | Read:110 | Comments:0 | Tags:Breaking News Hacking Mobile hacking news information securi

Multi-Vector Miner+Tsunami Botnet with SSH Lateral Movement

Security researcher Tolijan Trajanovski (@tolisec) analyzed the multi-vector Miner+Tsunami Botnet that implements SSH lateral movement. A fellow security researcher, 0xrb, shared with me samples of a botnet that propagates using weblogic exploit. The botnet was also discovered by @BadPackets 5 days ago and it is still active as of now, December
Publish At:2020-12-02 07:00 | Read:45 | Comments:0 | Tags:Breaking News Internet of Things Malware botnet Hacking hack

Malicious npm packages spotted delivering njRAT Trojan

npm security staff removed two packages that contained malicious code to install the njRAT remote access trojan (RAT) on developers’ computers. Security staff behind the npm repository removed two packages that were found containing the malicious code to install the njRAT remote access trojan (RAT) on computers of JavaScript and Node.js developers w
Publish At:2020-12-01 19:18 | Read:114 | Comments:0 | Tags:Breaking News Hacking Malware hacking news information secur

French pharmaceuticals distribution platform Apodis Pharma leaking 1.7+ TB of confidential data

The CyberNews investigation team discovered French pharmaceuticals distribution platform Apodis Pharma leaking 1.7+ TB of confidential data. Original post @ https://cybernews.com/security/french-pharmaceuticals-distribution-platform-leaking-1-7-tb-confidential-data/ The CyberNews investigation team discovered an unsecured, publicly accessible Kibana da
Publish At:2020-12-01 19:18 | Read:124 | Comments:0 | Tags:Breaking News Data Breach Apodis Pharma Hacking hacking news

DarkIRC botnet is targeting the critical Oracle WebLogic CVE-2020-14882

The critical remote code execution (RCE) vulnerability CVE-2020-14882 in Oracle WebLogic is actively exploited by operators behind the DarkIRC botnet. Experts reported that the DarkIRC botnet is actively targeting thousands of exposed Oracle WebLogic servers in the attempt of exploiting the CVE-2020-14882. The CVE-2020-14882 can be exploited by unauthe
Publish At:2020-12-01 15:24 | Read:78 | Comments:0 | Tags:Breaking News Cyber Crime Hacking botnet CVE-2020-14882 Dark

Baltimore County Schools close after a ransomware attack

Baltimore County Schools were hit by a ransomware attack that forced them to close leaving more than 100,000 students out. Baltimore County Schools are still closed following a ransomware attack and unfortunately, at the time of this writing, it is impossible to predict when school will resume. School officials notified state and federal law enforceme
Publish At:2020-12-01 12:01 | Read:97 | Comments:0 | Tags:Breaking News Cyber Crime Malware Baltimore County Schools H

Vietnam-linked Bismuth APT leverages coin miners to stay under the radar

Microsoft warns of Vietnam-linked Bismuth group that is deploying cryptocurrency miner while continues its cyberespionage campaigns Researchers from Microsoft reported that the Vietnam-linked Bismuth group, aka OceanLotus, Cobalt Kitty, or APT32, is deploying cryptocurrency miners while continues its cyberespionage campaigns. New blog: The threat acto
Publish At:2020-12-01 08:07 | Read:99 | Comments:0 | Tags:APT Breaking News Hacking Malware BISMUTH hacking news infor

UK gov bans new Huawei equipment installs after Sept 2021

The British government will ban the installation of new Huawei equipment in the 5G networks of Wireless carriers after September 2021. The British government will not allow the installation of new Huawei equipment in the 5G networks of Wireless carriers after September 2021. The decision to ban the Chinese giant from the building of the 5G networks was
Publish At:2020-12-01 07:36 | Read:57 | Comments:0 | Tags:Breaking News Security Huawei Intelligence UK

Talos reported WebKit flaws in WebKit that allow Remote Code Execution

Talos experts found flaws in the WebKit browser engine that can be also exploited for remote code execution via specially crafted websites. Cisco’s Talos team discovered security flaws in the WebKit browser engine, including flaws that can be exploited by a remote attacker to gain code execution by tricking the user into visiting a malicious website. W
Publish At:2020-12-01 06:20 | Read:91 | Comments:0 | Tags:Breaking News Hacking WebKit

Exploring malware to bypass DNA screening and lead to ‘biohacking’ attacks

Boffins from the Ben-Gurion University of the Negev described a new cyberattack on DNA scientists that could open to biological warfare. A team of researchers from the Ben-Gurion University of the Negev described a new cyberattack on DNA scientists that could open to biological warfare. Scientists play a crucial role in modern society, especially durin
Publish At:2020-11-30 19:54 | Read:129 | Comments:0 | Tags:Breaking News Hacking Malware hacking news information secur

Exclusive: Experts from TIM’s Red Team Research (RTR) found 6 zero-days

TIM’s Red Team Research led by Massimiliano Brolli discovered 6 new zero-day vulnerabilities in Schneider Electric StruxureWare. Today, TIM’s Red Team Research led by Massimiliano Brolli, discovered 6 new vulnerabilities in the StruxureWare product. The flaws have been addressed by the manufacturer Schneider Electric, between April and November 2020.
Publish At:2020-11-30 19:54 | Read:71 | Comments:0 | Tags:Breaking News Hacking ICS-SCADA

Tools

Keywords