HackDig : Dig high-quality web security articles for hacker

FBI: Cybercriminals Mailing Malicious USB Devices to Victims

The financially-motivated hacking group FIN7 has started mailing malicious USB devices to intended victims in an effort to infect their computers with malware, the FBI warns.Active since at least 2015, the cybercrime group has been focused on stealing credit card information from businesses worldwide. The hackers were indicted in the United States for target
Publish At:2020-03-30 12:22 | Read:99 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Virus & Threats Vi

Users Complain About Windows Update That Patches SMBGhost Vulnerability

Some users have complained that the Windows security update released recently by Microsoft to patch a wormable vulnerability related to Server Message Block 3.0 (SMBv3) is causing problems.Microsoft released an out-of-band update for Windows 10 and Windows Server on March 12 to fix CVE-2020-0796, a vulnerability that can allow an unauthenticated attacker to
Publish At:2020-03-17 09:31 | Read:142 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Vulnerabilities Vulner

Microsoft Deprecates Remote Desktop Connection Manager

Microsoft announced this week that has deprecated Remote Desktop Connection Manager (RDCMan) due to security concerns. The application has been around for decades, providing users with the ability to manage multiple remote desktop connections, but Microsoft has long been investing in other solutions to provide users with remote desktop access. In a
Publish At:2020-03-13 13:45 | Read:145 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY

Google Releases Tool to Block USB Keystroke Injection Attacks

Google has released a new software tool designed to identify potential USB keystroke injection attacks and block devices they originate from. With keystroke injection tools being easily availabile, they are able to send keystrokes immensely fast while being effectively invisible to the victim. Delivered over USB, keystroke injection attacks require a Hu
Publish At:2020-03-12 15:42 | Read:277 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Identity & Access

Load Value Injection: Intel CPUs Vulnerable to Reverse Meltdown Attack

Many processors made by Intel are vulnerable to a newly disclosed type of attack named Load Value Injection (LVI), but the chip maker has told customers that the attack is not very practical in real world environments.The vulnerability, tracked as CVE-2020-0551, was first reported to Intel in April 2019 by Jo Van Bulck from the KU Leuven research university
Publish At:2020-03-10 16:30 | Read:210 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Cloud Security Vulnera

Checkpoint Creates Encyclopedia of Malware Evasion Techniques

Cybersecurity firm Checkpoint has created an encyclopedia of the various techniques used by malware to evade analysis.The encyclopedia covers evasion techniques related to the file system, registry, generic OS queries, global OS objects, user interface artifacts, OS features, processes, network, CPU, firmware tables, hooks, hardware, and macOS-specific sandb
Publish At:2020-03-02 18:49 | Read:221 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Virus & Threats Vi

Microsoft Boosts PUA Protections in Edge

Microsoft this week announced new features in its Edge browser to prevent the download of potentially unwanted applications (PUA).PUAs may refer to applications that create extra advertisements, mine for crypto-currencies, or display offers for other pieces of software that have a poor reputation. Such software can hurt user experience, lower productivity an
Publish At:2020-02-28 14:56 | Read:291 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Virus & Threats Vi

Making Cloud Security a Team Sport

While most large enterprises are moving to the cloud in some form, the path is never as direct as chief information officers (CIOs) and chief information security officers (CISOs) might like it to be. Most come to terms with the fact that the cloud won’t be a single offering, but rather a hybrid multicloud that aligns critical applications with cloud s
Publish At:2020-02-21 09:34 | Read:319 | Comments:0 | Tags:Cloud Security Cloud Cloud Adoption Cloud Infrastructure Clo

Microsoft Threat Protection Now Generally Available

Microsoft this week announced the general availability of Microsoft Threat Protection, its integrated security solution aimed at offering protection across users, email, applications, and endpoints.Released in public preview in December 2019, the solution builds on Microsoft Defender Advanced Threat Protection (ATP), Office 365 ATP, Azure ATP, and Microsoft
Publish At:2020-02-20 12:45 | Read:279 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Virus & Threats Cl

SentinelOne Achieves Unicorn Status After $200 Million Funding Round

Endpoint security firm SentinelOne on Wednesday announced that it has raised $200 million in a Series E funding round, at a valuation of more than $1.1 billion, which gives the company “unicorn” status.The latest funding round, which brings the total raised by SentinelOne to $430 million, was led by Insight Partners, with participation from Tiger Global Mana
Publish At:2020-02-19 14:46 | Read:301 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Management & Strat

Chrome Will Block Insecure Downloads on HTTPS Pages

In an attempt to improve the security of its users, the Chrome browser will soon start blocking insecure downloads on HTTPS pages, Google announced.The plan, which the Internet giant laid out this week, is expected to be completed sometime in the fall, when Chrome 86 arrives.The announcement comes just days after the release of Chrome 80, which by default bl
Publish At:2020-02-07 22:15 | Read:294 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Virus & Threats Ri

Devices Still Vulnerable to DMA Attacks Despite Protections

Many devices, including ones often found in enterprise environments, are likely still vulnerable to direct memory access (DMA) attacks, despite the fact that hardware and software vendors have implemented protections that should prevent such attacks, firmware security company Eclypsium said on Thursday.DMA is designed to allow hardware components or peripher
Publish At:2020-01-30 10:15 | Read:422 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Security Architecture

Trend Micro OfficeScan Flaw Apparently Exploited in Mitsubishi Electric Hack

A cyberattack disclosed recently by Mitsubishi Electric, which resulted in hackers gaining access to the company’s network and stealing corporate data, likely involved exploitation of a vulnerability in Trend Micro’s OfficeScan product.Discovered in June 2019 but disclosed only last week, the data breach impacted both employee and corporate data at the Japan
Publish At:2020-01-27 10:15 | Read:379 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Virus & Threats Vu

Peter Leav Named CEO of McAfee

Cybersecurity firm McAfee announced on Thursday that its board of managers has appointed Peter Leav as the company’s new chief executive officer after Chris Young decided to step down.Leav will take on the role of CEO on February 3 and he will also be appointed to the company’s board of managers. Young will stay on in an advisory role to assist with the tran
Publish At:2020-01-17 10:15 | Read:450 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Management & Strat

NSA Discloses Serious Windows Vulnerability to Microsoft

The U.S. National Security Agency (NSA) has informed Microsoft that Windows is affected by a potentially serious spoofing vulnerability that could allow hackers to make a malicious file appear to come from a trusted source or conduct man-in-the-middle (MitM) attacks.The NSA reached out to reporters to inform them about the vulnerability before Microsoft rele
Publish At:2020-01-14 22:15 | Read:412 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Virus & Threats Vu

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud