HackDig : Dig high-quality web security articles

Exploited Control Web Panel Flaw Added to CISA 'Must-Patch' List

The US government’s cybersecurity agency CISA is giving federal agencies an early February deadline to patch a critical -- and already exploited -- security vulnerability in the widely used CentOS Control Web Panel utility.The agency added the CVE-2022-44877 flaw to its KEV (Known Exploited Vulnerabilities) catalog and set a February 7th deadline for federal
Publish At:2023-01-18 14:30 | Read:91896 | Comments:0 | Tags:Cyberwarfare Endpoint Security Network Security NEWS & I

Pro-Russian Group DDoS-ing Governments, Critical Infrastructure in Ukraine, NATO Countries

A Pro-Russian cybercrime group named NoName057(16) is actively launching distributed denial-of-service (DDoS) attacks against organizations in Ukraine and NATO countries.Also known as NoName05716, 05716nnm or Nnm05716, the threat actor has been supporting Russia’s invasion of Ukraine since March 2022, launching disruptive attacks against government and criti
Publish At:2023-01-13 06:34 | Read:99855 | Comments:0 | Tags:Cyberwarfare NEWS & INDUSTRY Cybercrime DDOS

Sophisticated 'Dark Pink' APT Targets Government, Military Organizations

Cybersecurity firm Group-IB is raising the alarm on a newly identified advanced persistent threat (APT) actor targeting government and military organizations in Asia and Europe.Referred to as Dark Pink, the threat actor was seen launching seven successful attacks against high-profile targets since June 2022, but it appears to have been active since at least
Publish At:2023-01-12 10:32 | Read:98065 | Comments:0 | Tags:Cyberwarfare NEWS & INDUSTRY Virus & Threats

Investors Bet Big on Subscription-Based Security Skills Training

Hack The Box, a British startup working on technology to simplify cybersecurity skills training, has banked a $55 million funding round as venture capital investors place big bets on the subscription-based talent assessment space.Hack the Box said the $55 million Series B was led by global investment firm Carlyle. Paladin Capital Group, Osage University Part
Publish At:2023-01-11 14:30 | Read:71584 | Comments:0 | Tags:Cyberwarfare Endpoint Security Network Security NEWS & I

Microsoft Flags Ransomware Problems on Apple's macOS Platform

Security researchers at Microsoft are flagging ransomware attacks on Apple’s flagship macOS operating system, warning that financially motivated cybercriminals are abusing legitimate macOS functionalities to exploit vulnerabilities, evade defenses, or coerce users to infect their devices.In a blog post documenting its research into four known macOS ransomwar
Publish At:2023-01-09 18:28 | Read:98770 | Comments:0 | Tags:Cyberwarfare Disaster Recovery Endpoint Security Network Sec

Many of 13 New Mac Malware Families Discovered in 2022 Linked to China

More than a dozen new Mac malware families were discovered in 2022, including information stealers, cryptocurrency miners, loaders, and backdoors, and many of them have been linked to China.Mac security expert Patrick Wardle has compiled a list of the macOS malware that came to light over the course of last year. The number of new malware appears to be incre
Publish At:2023-01-06 14:30 | Read:231016 | Comments:0 | Tags:Cyberwarfare NEWS & INDUSTRY Virus & Threats Virus &

Russian Turla Cyberspies Leveraged Other Hackers' USB-Delivered Malware

In a recent attack against a Ukrainian organization, Russian state-sponsored threat actor Turla leveraged legacy Andromeda malware likely deployed by other hackers via an infected USB drive, Mandiant reports.Active since at least 2006 and linked to the Russian government, the cyberespionage group is also tracked as Snake, Venomous Bear, Krypton, and Waterbug
Publish At:2023-01-06 10:32 | Read:158833 | Comments:0 | Tags:Cyberwarfare NEWS & INDUSTRY cyber hack

Predictions 2023: Big Tech’s Coming Security Shopping Spree

The SecurityWeek editorial team huddled over the holidays to look back at the stories that shaped 2022 and, more importantly, to stare into a shiny crystal ball to find the cybersecurity narratives that will dominate this year’s headlines.For the most part, not much will change. Organizations large and small will continue to acknowledge major data breaches,
Publish At:2023-01-05 14:30 | Read:78339 | Comments:0 | Tags:Cyberwarfare Endpoint Security Network Security NEWS & I

LastPass Says Password Vault Data Stolen in Data Breach

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that could be exposed by brute-forcing or guessing master passwords.The company, which is owned by GoTo (formerly LogMeIn), said the hackers broke into its network in August and used information from that hack
Publish At:2022-12-22 22:25 | Read:123393 | Comments:0 | Tags:Cyberwarfare Disaster Recovery Endpoint Security NEWS &

Russian APT Gamaredon Changes Tactics in Attacks Targeting Ukraine

Russia-linked Gamaredon, a hacking group known for providing services to other advanced persistent threat (APT) actors, is one of the most intrusive, continuously active APTs targeting Ukraine, Palo Alto Networks’ Unit 42 warns.Also known as Armageddon, Primitive Bear, Shuckworm, and Trident Ursa, Gamaredon has been active since at least 2013, mainly focused
Publish At:2022-12-21 10:31 | Read:123166 | Comments:0 | Tags:Cyberwarfare NEWS & INDUSTRY Virus & Threats Virus &

Ukraine's Delta Military Intelligence Program Targeted by Hackers

Ukraine’s Computer Emergency Response Team (CERT-UA) revealed recently that users of the country’s Delta military intelligence program have been targeted with data-stealing malware.According to CERT-UA, the attackers have used hacked email accounts belonging to Ministry of Defense employees, as well as messaging applications, to send out messages informing r
Publish At:2022-12-20 11:55 | Read:113425 | Comments:0 | Tags:Cyberwarfare NEWS & INDUSTRY Malware hack

Official: Russia, Iran Turmoil Limited Meddling in US Vote

Russia’s war in Ukraine and anti-regime protests in Iran limited both Moscow and Tehran’s ability to try to influence or interfere in the recent U.S. midterm elections, a senior American military official said Monday.U.S. agencies were on high alert before November’s vote for potential cyberattacks or foreign influence operations, particularly after adversar
Publish At:2022-12-20 10:31 | Read:89589 | Comments:0 | Tags:Cyberwarfare NEWS & INDUSTRY

Chinese Cyberspies Targeted Japanese Political Entities Ahead of Elections

A Chinese cyberespionage group known as MirrorFace has been observed targeting Japanese political entities ahead of the House of Councillors election in July 2022.Believed to have ties with APT10, MirrorFace is known for the targeting of academic institutions, defense-related firms, diplomatic organizations, media companies, and think tanks in Japan.The adva
Publish At:2022-12-15 10:31 | Read:104199 | Comments:0 | Tags:Cyberwarfare NEWS & INDUSTRY Malware cyber

Reassessing cyberwarfare. Lessons learned in 2022

At this point, it has become cliché to say that nothing in 2022 turned out the way we expected. We left the COVID-19 crisis behind hoping for a long-awaited return to normality and were immediately plunged into the chaos and uncertainty of a twentieth-century-style military conflict that posed serious risks of spreading over the continent. While the broader
Publish At:2022-12-14 07:35 | Read:228397 | Comments:0 | Tags:Kaspersky Security Bulletin APT Cyberwarfare Data leaks DDoS

VMware Patches VM Escape Flaw Exploited at Geekpwn Event

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine escape bug exploited at the GeekPwn 2022 hacking challenge.The VM escape flaw, documented as CVE-2022-31705, was exploited by Ant Security researcher Yuhao Jiang on systems running fully patche
Publish At:2022-12-13 18:27 | Read:145132 | Comments:0 | Tags:Cyberwarfare Endpoint Security Network Security NEWS & I

Announce

Share high-quality web security related articles with you:)
Tell me why you support me <3

Tag Cloud