HackDig : Dig high-quality web security articles for hacker

No Patch for VPN Bypass Flaw Discovered in iOS

Proton Technologies, the company behind the privacy-focused ProtonMail and ProtonVPN services, this week disclosed the existence of a vulnerability in Apple’s iOS mobile operating system that prevents VPN applications from encrypting all traffic.The flaw was discovered by a member of the Proton community in iOS 13.3.1, but Apple has yet to release a patch an
Publish At:2020-03-26 17:19 | Read:204 | Comments:0 | Tags:Mobile Security NEWS & INDUSTRY Privacy Vulnerabilities

TrickBot Pushing a 2FA Bypass App to Bank Customers in Germany

IBM X-Force researchers recently analyzed an Android malware app that’s likely being pushed to infected users by the TrickBot Trojan. This app, dubbed “TrickMo” by our team, is designed to bypass strong authentication methods that bank customers use when they need to authorize a transaction. Though it’s not the first of its kind, this
Publish At:2020-03-24 07:55 | Read:136 | Comments:0 | Tags:Advanced Threats Risk Management Threat Intelligence Android

Top 10 Brand Phishing Companies

Top 10 Brand Phishing Companies March 23rd, 2020 No Comments anti-phishing, Data Protection, Online Safety, Uncategorized By 2020, you’ve probably already experienced getting an email from a well-known company, such as Apple or Facebook, letting you
Publish At:2020-03-23 13:22 | Read:118 | Comments:0 | Tags:anti-phishing Data Protection Online Safety Uncategorized br

Crypto-Risk: Your Data Security Blind Spot

For many years — almost since the beginning of secure internet communications — data security professionals have had to face the challenge of using certificates, the mechanism that forms the basis of Transport Layer Security (TLS) communications. Certificates facilitate secure connections to websites (represented by the “s” in “https”
Publish At:2020-03-23 10:45 | Read:109 | Comments:0 | Tags:Data Protection Risk Management Apple Business Continuity Ce

Mozilla to Remove Support for FTP in Firefox

Mozilla is getting ready to remove support for the File Transfer Protocol (FTP) from the Firefox web browser due to security concerns.FTP has been around for nearly five decades, allowing for the transfer of files between computers. The protocol is built on a client-server model architecture and has been considered insecure, being secured with SSL/TLS (FTPS)
Publish At:2020-03-21 10:55 | Read:248 | Comments:0 | Tags:NEWS & INDUSTRY Data Protection Management & Strateg

Unprotected Database Exposed 5 Billion Previously Leaked Records

An Elasticsearch instance containing over 5 billion records of data leaked in previous cybersecurity incidents was found exposed to anyone with an Internet connection, Security Discovery reports.The database was identified as belonging to UK-based security company Keepnet Labs, which focuses on keeping organizations safe from email-based cyber-attacks. It co
Publish At:2020-03-21 08:20 | Read:254 | Comments:0 | Tags:NEWS & INDUSTRY Data Protection

UK Printing Company Exposed Military Documents

Cybersecurity researchers say UK-based document printing and binding company Doxzoo exposed hundreds of gigabytes of information, including documents related to the US and British military, by leaving an AWS S3 bucket unprotected.vpnMentor researchers claim they have discovered 343GB worth of files on an AWS server belonging to Doxzoo. They say the company w
Publish At:2020-03-20 13:22 | Read:254 | Comments:0 | Tags:NEWS & INDUSTRY Privacy Identity & Access Cloud Secu

7 Spring Cleaning Tasks to Improve Data Security

This year, March 19 ushered in spring in the Northern Hemisphere — the first time since 1896 that the season has started so early. So why not take advantage of the season’s early arrival to do some spring cleaning, not only of your physical space, but of your data and systems, too? Digital spring cleaning can make your life easier and dramatically impr
Publish At:2020-03-20 10:40 | Read:152 | Comments:0 | Tags:Data Protection Mobile Security Application Security Cloud C

NIST, DHS Publish Guidance on Securing Virtual Meetings, VPNs

With people worldwide forced to work from home due to the coronavirus epidemic, NIST and DHS published a series of recommendations on how to ensure that virtual meetings and connections to enterprise networks are protected from prying eyes.Conference calls and web meetings have long been part of modern work, as they play a vital role in ensuring the necessar
Publish At:2020-03-19 10:49 | Read:144 | Comments:0 | Tags:Mobile Security NEWS & INDUSTRY Virus & Threats Iden

How CIAM Addresses the Challenges of Consumer Identity Management

Consumer identities are at the heart of brand engagements today. Digital interactions are a routine part of our lives and touchpoints for consumers have reached astounding heights. Nearly 60 percent of the world is digitally connected and more than half of the world’s population will be using social media by the middle of 2020, according to We Are Soci
Publish At:2020-03-19 08:08 | Read:178 | Comments:0 | Tags:Identity & Access Security Services Business Continuity Comp

9 Best Practices from X-Force Red for Organizations and Employees

As employers rapidly respond to the need to protect their workforces from potential exposure and spread of the novel coronavirus, also known as COVID-19, many organizations are making the very difficult decision to pivot to a work-from-home model. This means employees will be connecting to corporate networks from whichever device is available: laptops, phone
Publish At:2020-03-18 16:57 | Read:155 | Comments:0 | Tags:Application Security CISO Data Protection Threat Intelligenc

Financial Services Firms Exposed 500,000 Sensitive Documents

Researchers say two financial services companies have exposed over 500,000 sensitive legal and financial documents by storing them in an unprotected AWS S3 bucket.vpnMentor’s research team discovered the exposed database in December 2019. An investigation revealed that the files appeared to be connected to a merchant cash advance mobile app named MCA Wizard
Publish At:2020-03-17 17:07 | Read:163 | Comments:0 | Tags:NEWS & INDUSTRY Cloud Security Data Protection

World Backup Day: A Seriously Good Idea

Reading Time: ~ 3 min. “Cold Cuts Day,” “National Anthem Day,” “What if Cats and Dogs had Opposable Thumbs Day”… If you’ve never heard of World Backup Day, you’d be forgiven for thinking it’s another of the gimmicky “holidays” that seem to be snatching up more and more space on the c
Publish At:2020-03-17 08:41 | Read:105 | Comments:0 | Tags:Business + Partners SMBs data protection

Player vs. Hacker: Cyberthreats to Gaming Companies and Gamers

The video gaming landscape has changed drastically over the past few decades. Some of these changes have led to considerable developments in the cyberthreat landscape as it applies to gaming companies, the games themselves and the user base that enjoys them. Integration of the cloud, mobile apps and social networks, the diversity of games and platforms, th
Publish At:2020-03-16 10:45 | Read:222 | Comments:0 | Tags:Application Security Software & App Vulnerabilities Threat I

Coronavirus: New Phishing Campaigns Exploit the Global Panic

Coronavirus: New Phishing Campaigns Exploit the Global Panic March 15th, 2020 No Comments anti-phishing, Data Privacy, Data Protection, Online Privacy, Online Safety, PC security, remote work, Uncategorized Unless you’ve been in complete lack of con
Publish At:2020-03-15 08:07 | Read:439 | Comments:0 | Tags:anti-phishing Data Privacy Data Protection Online Privacy On


Share high-quality web security related articles with you:)


Tag Cloud