HackDig : Dig high-quality web security articles for hacker

Panther Labs Launches Open-Source Cloud-Native SIEM

San Francisco-based cloud security startup Panther Labs has launched the first stable version of its open-source security information and event management (SIEM) solution, Panther.Fully running on top of cloud-native services offered by AWS (including Lambda, ECS, DynamoDB, S3, Cognito, and more), the new solution promises a new approach to SIEM, aiming to p
Publish At:2020-04-01 09:53 | Read:78 | Comments:0 | Tags:NEWS & INDUSTRY Cloud Security Cloud

New Raccoon Stealer uses Google Cloud Services to evade detection

Researchers found a piece of Raccoon Stealer that abuse of Google Cloud Services and leverages multiple delivery techniques. Racoon malware (aka Legion, Mohazo, and Racealer) is an info-stealer that recently appeared in the threat landscape that is advertised in hacking forums. The malware is cheap compared to similar threats, it is able
Publish At:2020-04-01 05:40 | Read:109 | Comments:0 | Tags:Breaking News Cyber Crime Malware Hacking information securi

Raccoon Stealer’s Abuse of Google Cloud Services and Multiple Delivery Techniques

With additional insights/analysis from Augusto Remillano II and Don Ovid Ladores Raccoon emerged as Malware as a Service (MaaS) last April 2019. Despite its simplicity, Raccoon became popular among cybercriminals and was mentioned as a notable emerging malware in underground forums in a malware popularity report. The malware is capable of stealing login cred
Publish At:2020-03-31 23:40 | Read:130 | Comments:0 | Tags:Malware info stealer MaaS Cloud

TP-LINK Cloud Cameras NCXXX Remote NULL Pointer Dereference

Vulnerability title: TP-LINK Cloud Cameras NCXXX Remote NULL Pointer DereferenceAuthor: Pietro OlivaCVE: CVE-2020-10231Vendor: TP-LINKProduct: NC200, NC210, NC220, NC230, NC250, NC260, NC450Affected version: NC200 <= 2.1.8 build 171109, NC210 <= 1.0.9 build 171214, NC220 <= 1.3.0 build 180105, NC230 <= 1.3.0 build 171205,
Publish At:2020-03-31 16:17 | Read:88 | Comments:0 | Tags: Cloud

Palo Alto Networks to Acquire CloudGenix for $420 Million

Palo Alto Networks on Tuesday announced that it has entered into a definitive agreement to acquire enterprise SD-WAN solutions provider CloudGenix for roughly $420 million.Palo Alto Networks’ Prisma Access solution enables organizations to protect remote networks and mobile users, and it provides secure access to enterprise applications.By acquiring CloudGen
Publish At:2020-03-31 14:55 | Read:76 | Comments:0 | Tags:NEWS & INDUSTRY Cloud Security Management & Strategy

APPLE-SA-2020-03-25-1 iCloud for Windows 10.9.3

-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256APPLE-SA-2020-03-25-1 iCloud for Windows 10.9.3iCloud for Windows 10.9.3 is now available and addresses thefollowing:libxml2Available for: Windows 10 and later via the Microsoft StoreImpact: Multiple issues in libxml2Description: A buffer overflow was addressed with improved sizevalidation.CVE-2020-3910: LGTM.com
Publish At:2020-03-27 17:27 | Read:225 | Comments:0 | Tags: Cloud

APPLE-SA-2020-03-25-2 iCloud for Windows 7.18

-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256APPLE-SA-2020-03-25-2 iCloud for Windows 7.18iCloud for Windows 7.18 is now available and addresses the following:libxml2Available for: Windows 7 and laterImpact: Multiple issues in libxml2Description: A buffer overflow was addressed with improved sizevalidation.CVE-2020-3910: LGTM.comlibxml2Available for: Window
Publish At:2020-03-27 17:27 | Read:298 | Comments:0 | Tags: Cloud

The Future is Hybrid: Practicing Security in the Hybrid Cloud

By now, many organizations have adopted the cloud in some way. We saw organizations moving whole servers over to the cloud at the beginning, but now we see small parts of a system being moved to the cloud and new cloud native offerings. We’ll use the analogies of Lincoln Logs and Legos to describe these deployment models.Infrastructure-as-a-Service (IaaS): W
Publish At:2020-03-26 06:50 | Read:182 | Comments:0 | Tags:Cloud Hybrid security

Cloud Native Threats: The Role of Infrastructure

Every malicious campaign needs a robust supporting infrastructure, and attackers are constantly evolving new ways to improve availability and resilience.Domain Generation Algorithms, Fast Flux Botnets, peer-to-peer protocols and anonymizers, are just few of the techniques that cyber-criminals have adopted to hide their command and control and malware distrib
Publish At:2020-03-25 09:55 | Read:132 | Comments:0 | Tags: Cloud

Adobe addressed a critical vulnerability in Adobe Creative Cloud App that allows deleting files

Adobe has addressed a critical vulnerability in its Creative Cloud desktop application that can be exploited by hackers to delete arbitrary files. Adobe has fixed a critical vulnerability in its Creative Cloud desktop application that can be exploited by attackers to delete arbitrary files. Creative Cloud is a collection of 20+ desktop and mobile apps
Publish At:2020-03-24 13:32 | Read:148 | Comments:0 | Tags:Breaking News Security Adobe Adobe Creative Cloud App inform

Critical Flaw in Adobe Creative Cloud App Allows Hackers to Delete Files

A critical vulnerability patched on Tuesday by Adobe in its Creative Cloud desktop application can be exploited by hackers to delete arbitrary files.Adobe Creative Cloud is a set of applications and services used for video editing, graphic design, photography and web development. The Creative Cloud desktop application allows users to easily manage their apps
Publish At:2020-03-24 12:13 | Read:182 | Comments:0 | Tags:NEWS & INDUSTRY Vulnerabilities Cloud

Do You Know Your Responsibilities When It Comes to Container Security?

As you migrate your enterprise to the public cloud or multicloud, you want to realize some of its inherent benefits regardless of what service model you utilize. Whether your goal is cost optimization, scalability or elasticity, the cloud can allow your enterprise to adopt newer, cutting-edge technologies to innovate your business without the burden of havin
Publish At:2020-03-24 07:55 | Read:211 | Comments:0 | Tags:Cloud Security Application Development Application Security

7 Spring Cleaning Tasks to Improve Data Security

This year, March 19 ushered in spring in the Northern Hemisphere — the first time since 1896 that the season has started so early. So why not take advantage of the season’s early arrival to do some spring cleaning, not only of your physical space, but of your data and systems, too? Digital spring cleaning can make your life easier and dramatically impr
Publish At:2020-03-20 10:40 | Read:179 | Comments:0 | Tags:Data Protection Mobile Security Application Security Cloud C

Cloud Database Leak Exposes 425GB of Small Biz Financial Data

Over half a million highly sensitive legal and financial documents have been leaked online by a US loans company after another cloud configuration error.Security researchers at vpnMentor led by Noam Rotem found the database in an unsecured Amazon Web Services (AWS) S3 bucket at the end of December.It appears to be linked to a smartphone app known as MCA Wiza
Publish At:2020-03-18 07:14 | Read:197 | Comments:0 | Tags: Cloud

How Organizations Can Achieve Security Availability

We have seen great strides in improving security tooling and processes over the past ten years. Via constantly maturing security models, security teams have become increasingly dependent upon an ever-more complex toolchain of products and services.But what happens when these systems fail. How much effort are we putting into planning and maintaining our secur
Publish At:2020-03-18 00:10 | Read:270 | Comments:0 | Tags:Cloud Availability

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud