HackDig : Dig high-quality web security articles

White House launches plan to protect US critical infrastructure against cyber attacks

The White House is reportedly moving swiftly forward with a plan to harden the security of the US power grid against hacking attacks.According to Bloomberg, the Biden administration has a plan to dramatically improve how power utilities defend themselves against attacks from countries considered to be adversaries in cyberspace – such as Russia, Iran, N
Publish At:2021-04-15 12:52 | Read:152 | Comments:0 | Tags:Featured Articles Critical Infrastructure cyberattack Power

Digging Into the Third Zero-Day Chrome Flaw of 2021

Hidden deep in Google’s release notes for the new version of Chrome that shipped on March 1 is a fix for an “object lifecycle issue.” Or, for the less technically inclined, a major bug.Bugs like these have been common in Chrome, leading some to wonder whether the world’s most popular web browser is as safe as it could be? Google created Chrome as a secure br
Publish At:2021-04-09 00:19 | Read:146 | Comments:0 | Tags:Featured Articles

Average ransomware payouts shoot up 171% to over $300,000

Organisations hit by ransomware attacks are finding themselves paying out more than ever before, according to a new report from Palo Alto Networks.The Unit 42 threat intelligence team at Palo Alto Networks teamed up with the incident response team at Crypsis to produce their latest threat report which looks at the latest trends in ransomware, and compares pa
Publish At:2021-03-25 09:04 | Read:179 | Comments:0 | Tags:Featured Articles cybercrime cybercriminals malware NetWalke

64 times worse than ransomware? FBI statistics underline the horrific cost of business email compromise

The FBI is reminding organisations of the serious threat posed by business email compromise (BEC) scams, declaring that it caused over $1.8 billion worth of losses to businesses last year.The newly-published annual cybercrime report from the FBI’s Internet Crime Complaint Center (IC3) reveals that it had received a record number of complaints and claim
Publish At:2021-03-18 10:30 | Read:222 | Comments:0 | Tags:Featured Articles FBI ransomware

Wall Street targeted by new Capital Call investment email scammers

Business Email Compromise (BEC) scammers, who have made rich returns in recent years tricking organisations into transferring funds into their accounts, have found a new tactic which attempts to swindle Wall Street firms out of significantly larger amounts of money.According to a newly published-report by Agari, scammers are seeking to defraud Wall Street bu
Publish At:2021-03-04 13:50 | Read:349 | Comments:0 | Tags:Featured Articles BEC Cyber Crime scam

MalwareTech, WannaCry and Kronos – Understanding the Connections

As Marcus Hutchins was on his way home to the UK after attending Def Con and Black Hat in Las Vegas, NV, the FBI arrested him. This event sparked immediate internet outcry, especially among the cybersecurity community, as Hutchins was better known as MalwareTech and had just made cybersecurity fame by stopping the WannaCry ransomware outbreak a few months pr
Publish At:2021-03-04 02:08 | Read:508 | Comments:0 | Tags:Featured Articles FBI Kronos MalwareTech ransomware WannaCry

10 Database Security Best Practices You Should Know

According to Risk Based Security’s 2020 Q3 report, around 36 billion records were compromised between January and September 2020. While this result is quite staggering, it also sends a clear message of the need for effective database security measures.Database security measures are a bit different from website security practices. The former involve physical
Publish At:2021-02-25 02:26 | Read:358 | Comments:0 | Tags:Featured Articles Authentication data safety database securi

Black History Month: Diversity in Cybersecurity Is More Important than Technology

Each February, the United States, Canada, the United Kingdom and other countries observe Black History Month. It’s a month-long celebration of the generations of black people who have elevated society by the way in which they’ve lived their lives. It’s also an opportunity for us to recognize that there’s still plenty of work to do in the name of promoting di
Publish At:2021-02-24 03:02 | Read:351 | Comments:0 | Tags:Featured Articles diversity Mentor security cyber cybersecur

US charges North Koreans in relation to global cyber attacks

The United States Department of Justice has charged three North Korean computer programmers with a range of cyber attacks that made headlines around the world.The men – 31-year-old Jon Chang Hyok, Kim Il, 27, and 36-year-old Park Jin Hyok – are alleged to have been part of North Korea’s Reconnaissance General Bureau (RGB), known commonly as
Publish At:2021-02-18 14:26 | Read:259 | Comments:0 | Tags:Featured Articles cyber

Coming to Life: A Detailed Tutorial on Building Your First ATT&CK Procedure

Note: The attack procedure built in this post will not work for every macOS operating system or in every scenario. There are many factors that can block scripts from running at boot time, and you should always test against your target operating system.The MITRE ATT&CK framework is a universally accepted knowledge-base of tactics, techniques and procedure
Publish At:2021-02-18 02:44 | Read:549 | Comments:0 | Tags:Featured Articles MITRE ATT&CK

Attacker Hacked into Florida City’s Water Treatment Plant, Attempted to Poison Water Supply

An attacker hacked into a Florida city’s water treatment plan and attempted to leverage that access to poison the municipality’s water supply. According to WTSP-TV, an operator at the water treatment plan in the 15,000-person City of Oldsmar, Florida noticed someone controlling his mouse cursor on February 5 at around 08:00. The operator didn’
Publish At:2021-02-09 15:56 | Read:347 | Comments:0 | Tags:Featured Articles hack

General Tips for Children & Teens on Safer Internet Day

On February 9, 2021, the world will celebrate the 18th iteration of Safer Internet Day. The theme of this year’s event is “Together for a better internet.” It’s a reminder that all of us have a responsibility to help make the web a safer place.One of the ways we can do this is by taking the online safety of children and teens to heart. In their enthusiasm fo
Publish At:2021-02-09 08:08 | Read:454 | Comments:0 | Tags:Featured Articles IT Security and Data Protection Privacy Sa

Social Media Best Practices for Safer Internet Day

On February 9, 2021, the world will celebrate the 18th iteration of Safer Internet Day. It’s an opportunity for everyone to recognize the importance of staying safe online. It’s also a reminder that all of us play a part in making the web a safer place.One of the ways we can observe Safer Internet Day is by helping children and teens navigate social media. Y
Publish At:2021-02-09 00:20 | Read:417 | Comments:0 | Tags:Featured Articles IT Security and Data Protection Privacy Sa

Sloppy patches are a breeding ground for zero-day exploits, says Google

Security researchers at Google have claimed that a quarter of all zero-day software exploits could have been avoided if more effort had been made by vendors when creating patches for vulnerabilities in their software.In a blog post, Maddie Stone of Google’s Project Zero team says that 25% of the zero-day exploits detected in 2020 are closely related to
Publish At:2021-02-04 15:02 | Read:415 | Comments:0 | Tags:Featured Articles Vulnerability Management patches vendors z

8 Top Technical Resource Providers for ICS Security Professionals

Attacks against industrial control systems (ICS) are on the rise. In its 2020 X-Force Threat Intelligence Report, for instance, IBM found that digital attacks targeting organizations’ ICS had increased by more than 2,000% between 2019 and 2018. Most of those attacks involved the exploitation of vulnerabilities affecting supervisory control and data acquisiti
Publish At:2021-02-03 07:50 | Read:429 | Comments:0 | Tags:Featured Articles ICS Security ISC Security Network OT secur