HackDig : Dig high-quality web security articles

US sanctioned crypto mixer Tornado Cash used by North Korea-linked APT

The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) sanctioned the crypto mixer service Tornado Cash used by North Korea. The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) has sanctioned the crypto mixer service Tornado Cash used by North Korean-linked Lazarus APT Group. Today, Treasury sanctioned vi
Publish At:2022-08-09 08:10 | Read:163 | Comments:0 | Tags:APT Breaking News Cyber Crime Digital ID Hacking hacking new

Malicious file analysis – Example 01

Cyber Security Specialist Zoziel Pinto Freire shows an example of malicious file analysis presented during his lecture on BSides-Vitória 2022. My objective with this series of articles is to show examples of malicious file analysis that I presented during my lecture on BSides-Vitória 2022. For this first one, I’ll briefly introduce some crucial
Publish At:2022-08-09 05:27 | Read:114 | Comments:0 | Tags:Breaking News Malware Hacking hacking news IT Information Se

Orchard botnet uses Bitcoin Transaction info to generate DGA domains

Experts spotted a new botnet named Orchard using Bitcoin creator Satoshi Nakamoto’s account information to generate malicious domains. 360 Netlab researchers recently discovered a new botnet named Orchard that uses Satoshi Nakamoto’s Bitcoin account (1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa) transaction information to generate DGA domain names.
Publish At:2022-08-08 21:31 | Read:171 | Comments:0 | Tags:Breaking News Cyber Crime Digital ID Malware Hacking hacking

Twilio discloses data breach that impacted customers and employees

Communications company Twilio discloses a data breach after threat actors have stolen employee credentials in an SMS phishing attack. Communications company Twilio discloses a data breach, threat actors had access to the data of some of its customers. The attackers accessed company systems using employee credentials obtained through a sophisticated SMS ph
Publish At:2022-08-08 15:20 | Read:147 | Comments:0 | Tags:Breaking News Data Breach Hacking Cybercrime hacking news in

LogoKit update – The phishing kit leveraging Open Redirect Vulnerabilities

LogoKit – Threat actors leveraging Open Redirect Vulnerabilities popular in online services and apps to bypass spam filters in phishing campaigns. Resecurity, Inc. (USA), a Los Angeles-based cybersecurity company providing managed threat detection and response for Fortune 500’s, identified threat actors leveraging Open Redirect Vulnerabilities
Publish At:2022-08-08 13:23 | Read:111 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware Security hacking n

Microsoft is blocking Tutanota email addresses from registering a MS Teams account

Microsoft is actively blocking Tutanota email addresses from registering a Microsoft Teams account. Tutanota is an end-to-end encrypted email app and a freemium secure email service, as of March 2017, Tutanota’s owners claimed to have over 2 million users. The news is that Microsoft is actively blocking Tutanota email addresses from registering
Publish At:2022-08-08 05:27 | Read:69 | Comments:0 | Tags:Breaking News Digital ID Security hacking news information s

Attackers abuse open redirects in Snapchat and Amex in phishing attacks

Threat actors abuse open redirects on Snapchat and American Express to launch phishing attacks against Microsoft 365 users. Attackers abused open redirects on the websites of Snapchat and American Express as part of a phishing campaign targeting Microsoft 365 users. The term Open URL redirection, open redirects, refers to a security issue that makes it
Publish At:2022-08-08 05:27 | Read:148 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Cybercrime hacking news in

Serious cyberattack hits German Chambers of Industry and Commerce (DIHK)

A massive cyberattack hit the website of the German Chambers of Industry and Commerce (DIHK) this week. A massive attack hit the website of the German Chambers of Industry and Commerce (DIHK) forcing the organization to shut down its IT systems as a precautionary measure for security reasons. Intensive work on a solution and on defense is currently under way.
Publish At:2022-08-07 13:23 | Read:180 | Comments:0 | Tags:Breaking News Hacking DIHK German Chambers of Industry and C

GwisinLocker ransomware exclusively targets South Korea

Researchers spotted a new family of ransomware, named GwisinLocker, that encrypts Windows and Linux ESXi servers. Researchers warn of a new ransomware called GwisinLocker which is able to encrypt Windows and Linux ESXi servers. The ransomware targets South Korean healthcare, industrial, and pharmaceutical companies, its name comes from the name of the aut
Publish At:2022-08-07 09:25 | Read:174 | Comments:0 | Tags:Breaking News Cyber Crime Malware GwisinLocker hacking news

Security Affairs newsletter Round 377

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. Greek intelligence service used surveillance malware to spy on a journalist, Reuters reportsS
Publish At:2022-08-07 09:25 | Read:222 | Comments:0 | Tags:Breaking News Cybercrime data breach Hacking information sec

Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports

Greek intelligence admitted it had spied on a journalist, while citizens ask the government to reveal the use of surveillance malware. The head of the Greek intelligence told a parliamentary committee that they had spied on a journalist with surveillance malware, Reuters reported citing two sources present. The revelation comes while media and journali
Publish At:2022-08-06 17:33 | Read:238 | Comments:0 | Tags:Breaking News Intelligence Malware Greek intelligence Hackin

Slack resets passwords for about 0.5% of its users due to the exposure of salted password hashes

Slack is resetting passwords for approximately 0.5% of its users after a bug exposed salted password hashes when users created or revoked a shared invitation link for their workspace. Slack announced that it is resetting passwords for about 0.5% of its users after a bug exposed salted password hashes when creating or revoking shared invitation links for wo
Publish At:2022-08-06 14:11 | Read:182 | Comments:0 | Tags:Breaking News Security Hacking hacking news information secu

Twitter confirms zero-day used to access data of 5.4 million accounts

Twitter confirmed that the recent data breach that exposed data of 5.4 million accounts was caused by the exploitation of a zero-day flaw. At the end of July, a threat actor leaked data of 5.4 million Twitter accounts that were obtained by exploiting a now-fixed vulnerability in the popular social media platform. The threat actor offered for sale the s
Publish At:2022-08-05 18:09 | Read:319 | Comments:0 | Tags:Breaking News Cyber Crime Data Breach Hacking Cybercrime dat

The popularity of Dark Utilities ‘C2-as-a-Service’ rapidly increases

Dark Utilities “C2-as-a-Service” is attracting a growing number of customers searching for a command-and-control for their campaigns. The popularity of the Dark Utilities “C2-as-a-Service” is rapidly increasing, over 3,000 users are already using it as command-and-control for their campaigns. Dark Utilities was launched in
Publish At:2022-08-05 17:33 | Read:295 | Comments:0 | Tags:Breaking News Cyber Crime Deep Web Hacking Malware c2-as-a-s

DHS warns of critical flaws in Emergency Alert System encoder/decoder devices

The U.S. DHS warns of critical security vulnerabilities in Emergency Alert System (EAS) encoder/decoder devices. The Department of Homeland Security (DHS) warned of critical security vulnerabilities in Emergency Alert System (EAS) encoder/decoder devices. Threat actors could exploit the flaws to send fake emergency alerts via TV, radio networks, and cable
Publish At:2022-08-05 11:10 | Read:219 | Comments:0 | Tags:Breaking News Hacking Security DHS Emergency Alert System ha
