HackDig : Dig high-quality web security articles for hacker

Most Security Pros & Execs Not Fully Aware of IoT Network Impact, Reveals OpenDNS Report

The emergence of IoT is especially pronounced in the workplace. Indeed, as revealed by a recent Tripwire survey, 63 percent of executives anticipate they will need to adopt “smart” things and other IoT devices due to the pressures exerted by business efficiency and productivity.Such enthusiasm notwithstanding, security has not kept up with the ch
Publish At:2015-11-26 09:41 | Read:2570 | Comments:0 | Tags:Featured Articles Security Awareness DNS FREAK Hearbleed Int

A large number of websites and web services affected by the LogJam TLS flaw

Researchers have discovered a new  TLS vulnerability dubbed LogJam that open a large number of online services to cyber attacks. Logjam is the name assigned to a new vulnerability that affects the Transport Layer Security (TLS) protocol putting a large number of online services at risk. Logjam vulnerability can be triggered th
Publish At:2015-05-21 15:15 | Read:3160 | Comments:0 | Tags:Breaking News Hacking encryption FREAK LogJam MITM security

POODLE flaw still affects hundred thousand Australian home routers

Security experts revealed that more thank 100,000 home routers belonging to Australian households are still vulnerable to the PODDLE vulnerability. Once again, home routers are exposed to the risk of cyber attacks. This time the news is related to the Australian consumer broadband modems that resulted affected by the Poodle an
Publish At:2015-04-03 18:15 | Read:3210 | Comments:0 | Tags:Breaking News Hacking Security FREAK home routers Internet o

The FREAK vuln: What it is and what you can do

What is the FREAK vulnerability? FREAK is the latest in a line of recently uncovered vulnerabilities affecting the way communications are secured over the Internet. Specifically, it impacts SSL/TLS and stands for “Factoring attack on RSA-EXPORT Keys”. The bug allows an attacker to sit between your HTTPS connection and the vulnerable client or server and forc
Publish At:2015-03-21 00:40 | Read:2159 | Comments:0 | Tags:Lookout News Security Vulnerability android FREAK iOS vulner

Thousands of Android & iOS Apps Still Vulnerable to FREAK Flaw

 A recent study found that more than 2,000 apps in the Apple App Store and Google Play Store are still vulnerable to FREAK – a widespread security flaw discovered earlier this month.Attackers exploiting the vulnerability can intercept HTTPS connections between vulnerable users and servers, thus forcing them to use weakened encryption, which can then be
Publish At:2015-03-19 23:50 | Read:2896 | Comments:0 | Tags:Latest Security News Android Apple apps FREAK mobile IOS

Mobile apps still vulnerable to FREAK attacks

Despite principal vendors have released updates to fix the FREAK vulnerability many mobile apps for Android and Apple iOS are still vulnerable. Early March, security experts discovered a critical vulnerability codenamed FREAK (CVE-2015-0204), also known as Factoring Attack on RSA-EXPORT Keys, which could be exploited by threat
Publish At:2015-03-19 09:40 | Read:2741 | Comments:0 | Tags:Breaking News Hacking Mobile Security Android Apple FireEye

Android exfiltration, OpenSSL, and iOS app memory handling

Android exfiltration, OpenSSL, and iOS app memory handling I’ll try not to rant on yet again Google’s squirming on security issues – especially in the context of malware – but it’s not been an altogether happy few weeks in Android security. According to Fo
Publish At:2015-03-19 01:15 | Read:2464 | Comments:0 | Tags:David Harley Android FREAK iOS OpenSSL IOS

Mobile Android, iOS Apps Still Vulnerable to FREAK Attacks

In the shadow of a major OpenSSL vulnerability scheduled to be announced tomorrow, lingering issues remain with mobile platforms and applications that still run versions of the crypto library vulnerable to FREAK attacks.A report published Tuesday by FireEye paints a bleak picture of vulnerable versions of iOS and Android applications that have been downloade
Publish At:2015-03-18 17:00 | Read:1875 | Comments:0 | Tags:Apple Hacks Mobile Security Vulnerabilities 512-bit RSA keys

Shared Keys Simplify, Cheapen FREAK Attacks

UPDATE: First the good news: it would seem that large providers and individual server admins have for the most part found and spiked export-grade cipher suites vulnerable to the FREAK attack. The bad news: It would seem it’s even less expensive than first believed to exploit the remaining servers still supporting 512-bit RSA keys.Researchers from Royal
Publish At:2015-03-18 01:00 | Read:2931 | Comments:0 | Tags:Cryptography Hacks 512-bit encryption keys ciphersuites cryp

HTTPS-crippling FREAK exploit affects thousands of Android and iOS apps

While almost all the attention paid to the HTTPS-crippling FREAK vulnerability has focused on browsers, consider this: thousands of Android and iOS apps, many with finance, shopping, and medical uses, are also vulnerable to the same exploit that decrypts passwords, credit card details, and other sensitive data sent between handsets and Internet servers.F
Publish At:2015-03-17 21:45 | Read:4058 | Comments:0 | Tags:Gear & Gadgets Infinite Loop Risk Assessment Technology Lab

OpenSSL announced fix for mystery high critical vulnerability

New versions of OpenSSL will be released on Thursday to patch critical security vulnerabilities, one of which is considered very dangerous. The OpenSSL Project Team announced in an advisory published on Monday that new versions of OpenSSL will be released on Thursday to patch several security vulnerabilities. The disconcerting
Publish At:2015-03-17 09:40 | Read:2405 | Comments:0 | Tags:Breaking News Security encryption FREAK Heartbleed OpenSSL s

HTTPS-crippling FREAK attacks become cheaper and easier to carry out

There's more bad news surrounding the HTTPS-crippling FREAK vulnerability that came to light two weeks ago. A recently completed scan of the Internet revealed 10 percent of servers that support the underlying transport layer security protocol remain susceptible. Even worse, many of these laggards contain an additional weakness that drastically drives dow
Publish At:2015-03-17 05:45 | Read:2178 | Comments:0 | Tags:Risk Assessment Technology Lab cryptography encryption facto

Microsoft Releases 14 Security Bulletins, 5 Rated ‘Critical'; Fixes FREAK Bug

Today Microsoft released their monthly Patch Tuesday posting, with a total of 14 security bulletins that include 5 bulletins that were listed as Critical. This batch of patches addresses vulnerabilities in Microsoft Windows, Microsoft Office, Microsoft Exchange, and Internet Explorer. Fixes for FREAK One of the more notable bugs covered by this posting inclu
Publish At:2015-03-11 13:30 | Read:2288 | Comments:0 | Tags:Vulnerabilities FREAK Patch Tuesday Stuxnet

Apple and Microsoft released updates to fix the FREAK flaw

Microsoft and Apple released security updates to fix the FREAK vulnerability recently discovered and affecting their products. FREAK is a major security flaw recently discovered that left users of Apple and Google devices exposed to MITM attack while visiting supposedly secure Websites. At the same time Microsoft issued a spec
Publish At:2015-03-11 09:35 | Read:2344 | Comments:0 | Tags:Breaking News Hacking Apple CVE-2015-0204 encryption FREAK m

FREAK SSL Bug Forces Security Makers to Scramble for a Fix

On March 3, security researchers noted that an age-old SSL bug—in existence for more than 10 years—allows hackers under the right conditions to exploit a man-in-the-middle attack and gain access to potentially sensitive information. FREAK (Factoring RSA-EXPORT Keys) SSL relies on outdated ‘export grade’ cryptography settings, which are still contained within
Publish At:2015-03-11 01:45 | Read:2355 | Comments:0 | Tags:Featured ThreatTrack Security Labs bug FREAK rsa SSL web bro

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud