HackDig : Dig high-quality web security articles

Cisco discloses high-severity flaw impacting IP Phone 7800 and 8800 Series

Cisco disclosed a high-severity flaw in its IP phones that can be exploited to gain remote code execution and conduct DoS attacks. Cisco disclosed a high-severity vulnerability, tracked as CVE-2022-20968, impacting its IP Phone 7800 and 8800 Series (except Cisco Wireless IP Phone 8821). An unauthenticated, adjacent attacker can trigger the flaw to cause a
Publish At:2022-12-09 08:28 | Read:18214 | Comments:0 | Tags:Breaking News Security Cisco IP phone hacking news informati

Experts devised a technique to bypass web application firewalls (WAF) of several vendors

Claroty researchers devised a technique for bypassing the web application firewalls (WAF) of several vendors. Researchers at industrial and IoT cybersecurity firm Claroty devised an attack technique for bypassing the web application firewalls (WAF) of several industry-leading vendors. The technique was discovered while conducting unrelated research on
Publish At:2022-12-09 07:52 | Read:20292 | Comments:0 | Tags:Breaking News Hacking Security hacking news information secu

Zombinder APK binding service used in multiple malware attacks

Zombinder is a third-party service on darknet used to embed malicious payloads in legitimate Android applications. While investigating a new malware campaign targeting Android and Windows systems, researchers at Threat Fabric discovered a darknet service, dubbed Zombinder, used to embed malicious payloads in legitimate Android apps. The campaign involv
Publish At:2022-12-08 18:30 | Read:31103 | Comments:0 | Tags:Breaking News Cyber Crime Deep Web Hacking Malware Mobile An

Pwn2Own Toronto 2022 Day 2: Participants earned $281K

Pwn2Own Toronto 2022 Day Two – Participants demonstrated exploits for smart speaker, smartphone, printer, router, and NAS. On the first day of the Zero Day Initiative’s Pwn2Own Toronto 2022 hacking competition participants earned $400,000 for 26 unique zero-day exploits. On the second day of the competition, participants earned more $281,000 for
Publish At:2022-12-08 15:48 | Read:17539 | Comments:0 | Tags:Breaking News Hacking Security hacking news information secu

APT37 used Internet Explorer Zero-Day in a recent campaign

Google warns that the North Korea-linked APT37 group is exploiting Internet Explorer zero-day flaw to spread malware. North Korea-linked APT37 group (aka ScarCruft, Reaper, and Group123) actively exploited an Internet Explorer zero-day vulnerability, tracked as CVE-2022-41128, in attacks aimed at South Korean users. Google Threat Analysis Group researc
Publish At:2022-12-08 11:50 | Read:26057 | Comments:0 | Tags:APT Breaking News Hacking Malware APT37 hacking news informa

Android app with over 5m downloads leaked user browsing history

The Android app Web Explorer – Fast Internet left an open instance, exposing a trove of sensitive data that malicious actors could use to check specific users’ browsing history. Original post at https://cybernews.com/security/android-app-leaked-user-browsing-history/ A browsing app for Android devices, Web Explorer – Fast Internet, left open its Fireba
Publish At:2022-12-08 11:50 | Read:22968 | Comments:0 | Tags:Breaking News Mobile Security Android data leak Hacking hack

New Go-based botnet Zerobot exploits dozens of flaws

Researchers discovered a new Go-based botnet called Zerobot that exploits two dozen security vulnerabilities IoT devices. Fortinet FortiGuard Labs researchers have discovered a new Go-based botnet called Zerobot that spreads by exploiting two dozen security vulnerabilities in the internet of things (IoT) devices and other applications. “This botn
Publish At:2022-12-07 11:49 | Read:44556 | Comments:0 | Tags:Breaking News Cyber Crime Internet of Things Malware botnet

Pwn2Own Toronto 2022 hacking competition. Samsung S22 hacked

The Pwn2Own Toronto 2022 hacking competition has begun, this is the 10th anniversary of the consumer-focused version of the contest. The news of the Samsung Galaxy S22 hack on the first day of Pwn2Own Toronto 2022 made the headlines. White hat hackers that participated in the competition hacked the Samsung Galaxy S22 smartphone twice during the first day
Publish At:2022-12-07 07:51 | Read:32827 | Comments:0 | Tags:Breaking News Hacking Mobile Cybercrime data breach informat

Sophos fixed a critical flaw in its Sophos Firewall version 19.5

Sophos addressed several vulnerabilities affecting its Sophos Firewall version 19.5, including arbitrary code execution issues. Sophos has released security patches to address seven vulnerabilities in Sophos Firewall version 19.5, including some arbitrary code execution bugs. The most severe issue addressed by the security vendor is a critical code inj
Publish At:2022-12-07 03:53 | Read:44944 | Comments:0 | Tags:Breaking News Hacking Security hacking news information secu

Russia’s second-largest bank VTB Bank under DDoS attack

Russia’s second-largest bank VTB Bank reveals it is facing the largest DDoS (distributed denial of service) attack in its history. State-owned VTB Bank, the second-largest financial institution in Russia, says it is facing the largest DDoS (distributed denial of service) attack in its history. The pro-Ukraine collective IT Army of Ukraine ha
Publish At:2022-12-06 15:47 | Read:68080 | Comments:0 | Tags:Breaking News Cyber warfare Hacking Hacktivism DDoS hacking

A flaw in the connected vehicle service SiriusXM allows remote car hacking

Researchers discovered a security flaw in the connected vehicle service SiriusXM that exposes multiple car models to remote attacks. Cybersecurity researchers discovered a security vulnerability in the connected vehicle service provided by SiriusXM that can allow threat actors to remotely attack vehicles from multiple carmakers, including Honda, Nissan, I
Publish At:2022-12-06 11:49 | Read:87583 | Comments:0 | Tags:Breaking News Hacking hacking news information security news

Ransomware Toolkit Cryptonite turning into an accidental wiper

Researchers spotted a version of the open-source ransomware toolkit Cryptonite that doesn’t support decryption capabilities. Fortinet researchers discovered a sample of malware generated with the publicly available open-source ransomware toolkit Cryptonite that never offers the decryption window, turning it as a wiper. The experts also reported an
Publish At:2022-12-06 07:51 | Read:54915 | Comments:0 | Tags:Breaking News Cyber Crime Malware cryptonite ransomware tool

Crook sentenced to 18 months for stealing $20M in SIM swapping attack

Nicholas Truglia, from Florida, US, was sentenced to 18 months in prison for stealing more than $20 million in a SIM swapping scheme. DoJ announced that Nicholas Truglia (25) was sentenced to 18 months in prison for the theft of over $20 million worth of cryptocurrency through SIM swapping attacks. The man was ordered to pay $20,379,007 in restitution to
Publish At:2022-12-06 04:29 | Read:70818 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Cybercrime hacking news in

French hospital cancels operations after a ransomware attack

A French hospital near Paris canceled operations and transfer some patients due to a cyber attack suffered over the weekend. France’s health ministry announced that the Hospital Centre of Versailles was hit by a cyber attack over the weekend. Hospital Centre of Versailles, which includes Andre-Mignot Hospital, Richaud Hospital and the Despagne Re
Publish At:2022-12-05 11:49 | Read:40768 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware Security Cybercrim

Exclusive: The largest mobile malware marketplace identified by Resecurity in the Dark Web

Resecurity has identified a new underground marketplace in the Dark Web oriented towards mobile malware developers and operators. “In the Box” dark web marketplace is leveraged by cybercriminals to attack over 300 financial institutions (FIs), payment systems, social media and online-retailers in 43 countries Resecurity, the California-base
Publish At:2022-12-05 08:27 | Read:80989 | Comments:0 | Tags:Breaking News Cyber Crime Deep Web Hacking Malware Mobile Da

Announce

Share high-quality web security related articles with you:)
Tell me why you support me <3

Tag Cloud