HackDig : Dig high-quality web security articles for hackers

The Center for Internet Security (CIS) Use Cases and Cost Justification

Vince Lombardi, the famous football coach, used to start his training camp each season with a talk about doing the basics. He’d tell the players that they start with the basics, then he’d take a football and hold it up and tell them, “This is a football.”  In football, as in life and IT Security, starting with the basics is the most important step you can ta
Publish At:2020-08-07 00:40 | Read:51 | Comments:0 | Tags:Featured Articles Security Controls audit Center for Interne

National Cybersecurity Authority (NCA): What You Need to Know

In its Vision 2030 development plan, Saudi Arabia included a National Transformation Program whose purpose is to diversify the Kingdom’s income away from the oil industry. One of the core tenets of that program is to enable the growth of the private sector by developing the digital economy. Specifically, Saudi Arabia set out its intention to increase the con
Publish At:2020-08-06 02:02 | Read:116 | Comments:0 | Tags:Featured Articles ECC NCA Saudi Arabia

Tripwire Research: IoT Smart Lock Vulnerability Spotlights Bigger Issues

The mechanical lock is perhaps the most fundamental, tangible, and familiar layer of security in our daily lives. People lock their doors with the expectation that these locks will keep the bad people out, but there’s a common adage in the security industry that locks are only good at keeping honest people honest. This is perhaps truer than ever in the era o
Publish At:2020-08-05 10:11 | Read:79 | Comments:0 | Tags:Featured Articles Internet of Things IoT security MQTT smart

Secure Remote Access: Why It’s Important and How to Do It Right

COVID-19 forced organizations all over the world to transition their employees to a work-from-home policy. That change came at a time when organizations’ connected infrastructure is more complex than ever. Such complexity doesn’t just extend across IT environments, either. Indeed, machines and production processes are also becoming increasingly complex as or
Publish At:2020-08-05 00:35 | Read:75 | Comments:0 | Tags:Featured Articles IT Security and Data Protection operationa

Podcast Episode 9: Sharpening Your Defenses With MITRE ATT&CK’s New Sub-Techniques

Jen Burns, lead cybersecurity engineer at MITRE, walks us through the MITRE ATT&CK© Framework and discusses some important changes brought by a July 2020 update. She then highlights what the security community can expect to see in a couple of upcoming updates before sharing how individuals can get involved with the MITRE ATT&CKFramework going forward
Publish At:2020-08-03 23:50 | Read:122 | Comments:0 | Tags:Featured Articles

Tripwire Patch Priority Index for July 2020

Tripwire’s July 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, F5 Networks, Cisco, and Oracle.Up first on the patch priority list this month are patches for F5 Networks and Cisco for vulnerabilities that have been integrated into various Exploits. Metasploit has recently added exploits for F5 Networks’ B
Publish At:2020-08-03 08:24 | Read:93 | Comments:0 | Tags:Featured Articles VERT Cisco critical vulnerability F5 Netwo

Social Engineering: Hacking Brains…It’s Easier than Hacking Computers

The audience in the room is weirdly quiet. The contestant is in a small plexiglass booth with nothing but a phone, a laptop computer and some notes. On a set of speakers outside, the booth broadcasts the sounds of a dial tone as a woman on the stage begins to dial a number. It is apparent she is not phoning a friend. The dial tone changes to a ring tone, and
Publish At:2020-07-30 15:36 | Read:94 | Comments:0 | Tags:Featured Articles Security Awareness cyberattack cybersecuri

Using Good Cyber Practices to Frame your Personal Cyber Narrative

Someone in my Twitter timeline wrote a post that resonated with me. Instead of advocating the idea of our firms mandating what we can and cannot do in our homes as working from home (WFH) standards, she said how gracious it was for us to let the firms into our home environments where we had already made investments in how and where we wanted to work in our p
Publish At:2020-07-28 17:17 | Read:128 | Comments:0 | Tags:Featured Articles IT Security and Data Protection Access Man

Politician Amongst Those Who Had Their Direct Messages Accessed During Twitter Hack

More information has emerged related to last week’s attack which saw a number of high profile Twitter accounts hijacked for the purposes of spreading a cryptocurrency scam.Twitter has already said that 130 Twitter accounts were targeted by hackers, using tools that should only have been available to the site’s internal support team. Those tools a
Publish At:2020-07-23 09:52 | Read:169 | Comments:0 | Tags:Featured Articles IT Security and Data Protection hacking Pr

3 Emerging Innovations in Technology that Will Impact Cyber Security

It goes without saying that innovations and trends in technology have a direct impact on digital security. Just look at what happened with COVID-19. As organizations switched their workforces to remote connectivity, many security teams shifted their attention to deploying enterprise-wide VPNs and partnering with employees to harden their home networks/device
Publish At:2020-07-22 06:51 | Read:90 | Comments:0 | Tags:Featured Articles Security Awareness Foundational Controls i

The Cyber Risks of Remote Workers Returning to the Office

The COVID-19 pandemic has created a huge list of challenges for businesses. One that is potentially going unnoticed or under-reported is cybersecurity. Specifically, as lockdown ends and as individuals return to offices and places of work, it may be the case that something malicious is already waiting for them on their devices.Here we take a look at the cybe
Publish At:2020-07-21 23:07 | Read:117 | Comments:0 | Tags:Featured Articles IT Security and Data Protection Cyber Risk

Understanding the Benefits of the Capability Maturity Model Integration (CMMI)

“Cybersecurity is the leading corporate governance challenge today, yet 87% of C-suite professionals and board members lack confidence in their company’s cybersecurity capabilities. Many CISOs and CSOs focus on implementing standards and frameworks, but what good is compliance if it does not improve your overall cybersecurity resilience?” – The CMMI Institut
Publish At:2020-07-20 23:57 | Read:101 | Comments:0 | Tags:Featured Articles Risk Management Capability Maturity Model

Top 5 Cybersecurity Risks with Cloud Migration

The demand for cloud computing has skyrocketed in recent years. Lower costs, a faster time to market, increased employee productivity, scalability, and flexibility are some of the beneficial factors motivating organizations to move to the cloud. It’s not likely that organizations will slow down with their migration plans, either. According to market estimate
Publish At:2020-07-19 23:30 | Read:217 | Comments:0 | Tags:Featured Articles Cloud cybersecurity risk

Are You Ready To Automate Your Cloud Account Security?

A Security Analyst, A Lead Developer, And A Cloud IT Admin Walk Into A Bar…Stop me if you’ve heard this one before.When we talk to users about the ways that they handle roles and responsibilities associated with keeping their Cloud accounts secure, we get a multitude of answers. There’s often a wide range of people and teams from various parts of the b
Publish At:2020-07-19 23:30 | Read:149 | Comments:0 | Tags:Featured Articles Cloud security visibility

The Twitter mega-hack. What you need to know

What the heck has happened on Twitter?Twitter accounts, owned by politicians, celebrities, and large organisations suddenly started tweeting messages to their many millions of followers, at the behest of hackers.What did the messages say?Here is a typical one which appeared on the account of rapper, songwriter, and optimistic Presidential candidate Kanye Wes
Publish At:2020-07-16 08:00 | Read:150 | Comments:0 | Tags:Featured Articles IT Security and Data Protection Twitter

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud