HackDig : Dig high-quality web security articles for hackers

Researchers Revive 'Foreshadow' Attack by Extending It Beyond L1 Cache

Researchers revealed late on Thursday that the mitigations and patches rolled out in 2018 for the Foreshadow vulnerabilities affecting Intel processors can fail to prevent attacks.Foreshadow, also known as L1 Terminal Fault (L1TF), is the name assigned to three speculative execution flaws reported to Intel shortly after the disclosure in January 2018 of the
Publish At:2020-08-07 07:55 | Read:96 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Virus & Threats Vu

Endpoint Security Using AI & MITRE For Your Remote Workforce

As employees increasingly work remotely, it is more important than ever to maintain visibility and threat detection in a remote working world. We have seen a significant increase in state-sponsored attacks and malicious phishing campaigns, and this trend is expected to continue. This period of remote work is a good time for enterprise to make sure endpoint
Publish At:2020-08-06 09:54 | Read:115 | Comments:0 | Tags:Endpoint remote workforce Endpoint Security Remote Access Th

Researcher Details Sophisticated macOS Attack via Office Document Macros

A researcher found a way to deliver malware to macOS systems using a Microsoft Office document containing macro code. The victim simply has to open the document and no alerts are displayed.Macros enable Office users to automate frequent tasks using VBA code. A macro added to an Office document can be triggered when the file is opened, a feature that cybercri
Publish At:2020-08-05 17:22 | Read:122 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Vulnerabilities

Google Analysis of Zero-Days Exploited in 2019 Finds 'Detection Bias'

Google Project Zero last week released a report on the vulnerabilities exploited in attacks in 2019, and its researchers have drawn some interesting conclusions regarding the detection of zero-days.Google Project Zero has been tracking vulnerabilities exploited in the wild since 2014 and last year it made available a spreadsheet showing the flaws it has trac
Publish At:2020-08-03 11:18 | Read:80 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Virus & Threats Ri

BootHole Patches Causing Many Systems to Become Unbootable

It appears that the patches released for Linux distributions in response to the GRUB2 bootloader vulnerability are causing problems for many users, making their systems unbootable.The flaw, tracked as BootHole and CVE-2020-10713, impacts PCs, servers and other devices running Linux and Windows if they use Secure Boot. An attacker with admin privileges on the
Publish At:2020-07-31 12:20 | Read:98 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Incident Response Vuln

Free Microsoft Service Looks at OS Memory Snapshots to Find Malware

Microsoft on Monday unveiled Project Freta, a free service that allows users to find rootkits and other sophisticated malware in operating system memory snapshots.Freta is the name of the street in Warsaw, Poland, where renowned scientist Marie Curie was born. The project’s name is related to Marie Curie inventing a mobile x-ray device that could be taken to
Publish At:2020-07-07 10:42 | Read:120 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Virus & Threats Vi

Driver Vulnerabilities Facilitate Attacks on ATMs, PoS Systems

Driver vulnerabilities can facilitate attacks on ATMs, point-of-sale (PoS) systems and other devices, firmware security company Eclypsium warned on Monday.Eclypsium last year analyzed device drivers from major vendors and found that over 40 drivers made by 20 companies contained serious vulnerabilities that could be exploited to deploy persistent malware.The
Publish At:2020-06-30 01:07 | Read:240 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Vulnerabilities IoT Se

Salesforce Ventures Investment Values Tanium at $9 Billion

Tanium and Salesforce have come together in a strategic relationship to help solve one of today's most compelling and urgent problems: how does security manage a workforce that has migrated from in-house company desktops to remote personal devices. It is a problem that will not go away with the end of the COVID-19 pandemic.The new relationship involves a new
Publish At:2020-06-26 12:11 | Read:89 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Management & Strat

Microsoft Releases Defender ATP for Android in Public Preview

Microsoft this week announced the public preview availability of the Android version of its Defender Advanced Threat Protection (ATP) software and the general availability of the Linux variant.Microsoft introduced Defender ATP in Windows 10 in 2016, but has since expanded its reach to other Windows versions, as well as to macOS and Linux, and now mobile devi
Publish At:2020-06-25 01:26 | Read:191 | Comments:0 | Tags:Endpoint Security Mobile Security NEWS & INDUSTRY Virus

Safe Documents Feature in Microsoft 365 Apps Now Generally Available

Microsoft this week announced that Safe Documents, a feature meant to boost the protection of Microsoft 365 users when opening unsafe documents, is generally available.Initially introduced in November, Safe Documents brings Office ATP capabilities to the desktop and provides users with increased protection compared to Protected View, which was first announce
Publish At:2020-06-23 14:41 | Read:180 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Virus & Threats

Micro-Segmentation for Endpoints Shows Promising Defense Against Lateral Movement

Micro-segmentation combined with zero-trust access control between the segments is recommended as one of the best approaches to breach containment. This principle is now extended from the network infrastructure to the endpoint, whether that device is local in the office, portable, or remote at home.Segmentation does not prevent compromise, but it contains it
Publish At:2020-06-23 10:49 | Read:203 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY

Microsoft Defender ATP Gets UEFI Scanner

Microsoft has extended the protection capabilities of Microsoft Defender Advanced Threat Protection (ATP) with the addition of a Unified Extensible Firmware Interface (UEFI) scanner.With hardware and firmware-level attacks increasing in frequency over the past several years, Microsoft has decided to expand its security solution’s capabilities to ensure it ca
Publish At:2020-06-18 14:15 | Read:196 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Security Architecture

Adobe Acrobat DC Gets Protected Mode on Windows

Adobe this week announced that it has introduced a protected mode in Adobe Acrobat DC for Windows.The feature is available only in preview at the moment, and only for Windows users running Adobe Acrobat DC 20.009.20063.381938 or higher on their machines.Protected Mode, which was introduced in Acrobat Reader ten years ago, is designed to help keep users safe
Publish At:2020-06-18 07:17 | Read:124 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Virus & Threats Vi

BlackBerry Adds Cryptojacking Protection to Optics Security Product

BlackBerry announced on Wednesday that the latest release of its Optics endpoint security product now includes a feature designed to protect Intel-based PCs against cryptomining malware.Many cybercriminals try to make a profit by installing cryptocurrency mining malware on compromised systems. These cryptojacking attacks often target enterprise networks as i
Publish At:2020-06-17 11:58 | Read:148 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Virus & Malware

New Security Tech in Intel CPUs Protects Systems Against Malware Attacks

Intel on Monday unveiled a new security technology for its processors that will help protect systems against attack methods commonly used by malware.The new Control-Flow Enforcement Technology (CET), which is built into the hardware microarchitecture, will initially be available in the upcoming Tiger Lake mobile processors, but the tech giant plans on includ
Publish At:2020-06-15 13:39 | Read:184 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Virus & Threats Ap


Share high-quality web security related articles with you:)


Tag Cloud