HackDig : Dig high-quality web security articles for hacker

Malware Served via Anti-Adblocking Service PageFair

Hackers breached the systems of anti-adblocking solutions provider PageFair and used the access to deliver malware via the publishers that rely on the company’s services.PageFair helps web publishers measure and recover revenue lost due to ad blockers, which have become increasingly problematic for the advertising industry. The company says it serves more th
Publish At:2015-11-03 15:55 | Read:1083 | Comments:0 | Tags:Cyberwarfare Desktop Security Disaster Recovery Mobile Secur

Security Software Increases Exposure to Attacks: Google Researcher

Security software can considerably increase exposure to targeted attacks, according to Google information security engineer Tavis Ormandy.Ormandy and other Google Project Zero researchers have been working on improving the software testing method known as fuzzing in an effort to make the process of identifying security issues more efficient. The expert has b
Publish At:2015-09-24 16:55 | Read:764 | Comments:0 | Tags:Desktop Security NEWS & INDUSTRY Vulnerabilities

New PoS Trojan Steals Card Data, Intercepts Browser Requests

Researchers from anti-virus firm Dr.Web have discovered new malware designed to infect point-of-sale (PoS) terminals and capable of intercepting GET and POST requests sent from Web browsers on infected machines.Dubbed Trojan.MWZLesson, the Trojan can modify the registry branch in charge with autorun on the infected PoS terminals, while also being able to che
Publish At:2015-09-18 02:30 | Read:758 | Comments:0 | Tags:Desktop Security NEWS & INDUSTRY Malware Cybercrime

Ad fraud Trojan updates Flash Player so that other malware can't get in

Someone call the malware antitrust commission: Recent versions of the Kovter ad fraud Trojan, which infects computers through Web-based exploits, close the door after themselves by updating Flash Player to the latest version.The new and somewhat surprising behavior was recently observed by a malware researcher known online as Kafeine, who specializes in trac
Publish At:2015-07-03 14:15 | Read:781 | Comments:0 | Tags:Security Desktop Security Malware Security Windows Patches

Cisco plans to buy security-as-a-service provider OpenDNS

Cisco Systems plans to pay $635 million in cash to buy OpenDNS, a company that leverages the Domain Name System (DNS) to provide security services including Web filtering, threat intelligence and malware and phishing protection.The DNS is a core Internet protocol. It’s used to translate Web addresses that are easy for people to remember, like website names,
Publish At:2015-06-30 17:35 | Read:778 | Comments:0 | Tags:Security Desktop Security Intrusion Security Compliance Onli

Windows 10 will allow apps to actively scan their content for malware

Windows 10 will have a new mechanism that will allow software developers to integrate their applications with whatever antimalware programs exist on users’ computers.The goal of the new Antimalware Scan Interface (AMSI) is to let applications send content to the locally installed antivirus product to be checked for malware.According to Microsoft, this can ha
Publish At:2015-06-12 04:00 | Read:759 | Comments:0 | Tags:Security Desktop Security Malware Antivirus

Congress moves forward on cyberthreat sharing bill despite privacy concerns

The U.S. House of Representatives may vote on a controversial cyberthreat information sharing bill this week, despite major privacy concerns from many digital rights groups and security researchers.The Protecting Cyber Networks Act “seriously threatens privacy and civil liberties, and would undermine cybersecurity, rather than enhance it,” said a letter sent
Publish At:2015-04-21 14:30 | Read:950 | Comments:0 | Tags:Government Legislation Business Security Desktop Security Co

Invincea Enhances Endpoint Protection Solution

End Point Security Solution Integrates Cloud Analysis and Enterprise Response Capabilities Endpoint threat prevention firm Invincea, Inc., this week enhanced its offerings with new threat identification and response capabilities added to its container-based endpoint protection solution. The latest version of the company’s flagship offering, Invincea Advance
Publish At:2015-04-17 12:40 | Read:981 | Comments:0 | Tags:Desktop Security NEWS & INDUSTRY Virus & Malware Mal

Tanium Raises $52 Million to Tackle Endpoint Security, Management

Systems and security management company Tanium announced on Tuesday that it has secured an additional $52 million in funding from Silicon Valley VC firm Andreessen Horowitz. The significant funding round comes less than a year after the company announced that it had raised $90 Million from Andreessen Horowitz in May 2014. Tanium offers a
Publish At:2015-03-31 19:35 | Read:663 | Comments:0 | Tags:Desktop Security NEWS & INDUSTRY Security Architecture

EMET security tool updated to prevent VBScript God Mode attacks

Microsoft updated its Enhanced Mitigation Experience Toolkit (EMET), a free exploit prevention tool, to protect against attacks that attempt to bypass Internet Explorer’s sandbox using VBScript.Microsoft first released EMET 5.2 last week, but re-released it Monday to fix issues that some customers experienced when running the tool in conjunction with Interne
Publish At:2015-03-17 18:55 | Read:1517 | Comments:0 | Tags:Security Desktop Security Online Safety Security Windows Pat

Buggy Panda Update Causes Problems for Home, Enterprise Users

A problematic signature file pushed out by Panda Security on Wednesday caused some legitimate files to be detected as malicious and moved to quarantine.According to the antivirus firm, the issue affected both home and enterprise customers using products such as Panda Cloud Office Protection, Panda Cloud Office Protection Advanced, Panda Antivirus Pro 2015, P
Publish At:2015-03-12 11:00 | Read:1005 | Comments:0 | Tags:Desktop Security NEWS & INDUSTRY

Windows systems are also vulnerable to FREAK attacks

A cryptographic library used in all Windows versions is affected by a recently disclosed vulnerability in SSL/TLS implementations that allows man-in-the-middle attackers to force clients and servers to use weak encryption. Internet Explorer and other programs using the library are affected.The FREAK (Factoring Attack on RSA-EXPORT Keys) vulnerability stems f
Publish At:2015-03-06 10:40 | Read:748 | Comments:0 | Tags:Security Windows Patches Desktop Security Encryption Securit

TrueCrypt audit back on track after silence and uncertainty

An effort to search for cryptographic flaws in TrueCrypt, a popular disk encryption program, will resume even though the software was abandoned by its creators almost a year ago.For years TrueCrypt has been the go-to open-source tool for people looking to encrypt files on their computers, especially since it’s one of the few solutions to allow encrypting the
Publish At:2015-02-20 15:00 | Read:813 | Comments:0 | Tags:Security Desktop Security Data Protection Encryption Securit

Jeb Bush's email dump puts constituents' personal data online

Jeb Bush, the former Florida governor now contemplating a run for U.S. president, may not have privacy high on his agenda.On Tuesday, Bush published online hundreds of thousands of emails he received during his time as governor, between 1999 and 2007. The emails touch on a range of issues including taxes, legislative proposals and affirmative action. Bush sa
Publish At:2015-02-11 10:15 | Read:945 | Comments:0 | Tags:Security Desktop Security Compliance Privacy Data Protection

Four technologies that betrayed Silk Road's anonymity

Pro tip for any would-be online drug kingpins: Don’t post vacation pictures on Facebook.Ross Ulbricht was convicted in a Manhattan federal court last week for his role operating the Silk Road online marketplace. He could serve 30 years or more behind bars.The market Ulbricht built was based on an expectation of anonymity: Silk Road servers operated within an
Publish At:2015-02-10 02:45 | Read:1159 | Comments:0 | Tags:Security Desktop Security Legal Malware/Cybercrime Business

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud