HackDig : Dig high-quality web security articles for hacker

Beware secret lovers spreading Nemty ransomware

Digital attackers are sending around love-themed malicious emails in an attempt to infect recipients with the Nemty ransomware.If you’ve been kicking around in the world of IT security for more years than you’d like to admit, then you’ll surely remember the ILOVEYOU virus (also known as the “Love Bug” or “Loveletter”
Publish At:2020-02-28 10:55 | Read:87 | Comments:0 | Tags:Featured Articles IT Security and Data Protection Nemty rans

SANS 2019 Incident Response Survey: Successful IR Relies on Visibility

During the past year, we have witnessed significant data breaches that have impacted industries ranging from hospitality to legal to social media. We have seen a continuation of financially motivated threats, such as business email compromise (BEC), which continue to plague corporate bank accounts. Ransomware has brought multiple cities, schools and universi
Publish At:2020-02-26 02:05 | Read:102 | Comments:0 | Tags:Featured Articles Incident Detection BEC containment detecti

The MITRE ATT&CK Framework: Impact

Not all attackers are trying to exfiltrate data. In security, we’re all familiar with CIA triad—confidentiality, availability, and integrity. While Exfiltration describes adversarial behavior with the goal of violating confidentiality, attackers may look to manipulate, interrupt, or destroy your systems and data. The Impact tactic describes techniques that a
Publish At:2020-02-25 00:38 | Read:148 | Comments:0 | Tags:Featured Articles MITRE Framework ATT&CK Impact MITRE

How to Get Started in Digital Forensics

If you want to become a digital forensic expert, be aware that when entering the field, you will be presented with an abundance of information that you will not know. It is a wonderfully challenging career path. Some believe that having the title of a cybersecurity professional (e.g. digital forensics expert, cybersecurity analyst, incident response commande
Publish At:2020-02-24 01:53 | Read:41 | Comments:0 | Tags:Featured Articles Incident Detection breach Digital Forensic

MGM Resorts hacked: 10.6 million guests have their personal data exposed on hacking forum

Over 10 million people who have stayed at MGM Resorts hotels – including Twitter boss Jack Dorsey and pop idol Justin Bieber – have had their personal details posted online by hackers.The security breach, publicised by ZDNet and security researcher Under the Breach, saw the records of 10,683,188 former guests – including names, postal addre
Publish At:2020-02-20 10:40 | Read:247 | Comments:0 | Tags:Featured Articles IT Security and Data Protection data breac

AZORult Trojan Disguised Itself as Fake ProtonVPN Installer

Security researchers observed samples of the AZORult trojan disguising themselves as fake ProtonVPN installers for distribution.Back in November 2019, malicious actors launched this attack campaign by registering the domain “protonvpn[.]store” with a registrar based in Russia.One iteration of the campaign used malvertising as its initial infectio
Publish At:2020-02-18 09:23 | Read:170 | Comments:0 | Tags:Featured Articles IT Security and Data Protection Latest Sec

Signature and Socket Based Malware Detection with osquery and YARA

How Is YARA used?Historically, common detection methods have used file hashes (MD5, SHA1, and SHA256)—unique signatures based on the entire contents of the file—to identify malware. Modern threat actors have increased in sophistication to a point where every instance of a given malware will have a different hash, and that hash will vary from machine to machi
Publish At:2020-02-17 02:00 | Read:244 | Comments:0 | Tags:Featured Articles

Puerto Rico government falls for $2.6 million email scam

As if Puerto Rico wasn’t having a hard enough time as it attempts to recover from a recession, the damage caused by devastating hurricanes in recent years, and a damaging earthquake last month, it now finds itself being exploited by cybercriminals.According to media reports, the government of the US island territory has lost more than US $2.6 million a
Publish At:2020-02-15 17:09 | Read:261 | Comments:0 | Tags:Featured Articles IT Security and Data Protection business e

Cyber Resilience – Everything You (Really) Need to Know

What is cyber resilience? If you search the definition within the Oxford Dictionary, resilience alone is defined as “the capacity to recover quickly from difficulties; toughness.” If you narrow the definition down to cyber resilience, it shifts to maintaining vs recovery. As noted on Wikipedia, it becomes “the ability to provide and maintain an acceptable le
Publish At:2020-02-11 01:19 | Read:261 | Comments:0 | Tags:Featured Articles IT Security and Data Protection cyber resi

No Relief for Cybersecurity Teams in Sight, Reveals Tripwire’s Latest Skills Gap Report

You’ve seen the high-level stats on the cybersecurity skills gap, but I’ll remind you of some of the main ones from the (ISC)2 Cybersecurity Workforce Study:In the United States, the cybersecurity workforce gap is nearly 500,000.The cybersecurity workforce needs to grow by 62% in order to meet the demands of U.S. businesses today.The global cybersecurity wor
Publish At:2020-02-10 06:51 | Read:208 | Comments:0 | Tags:Featured Articles (ISC)2 Dimensional Research skills gap

10 Tenets for Cyber Resilience in a Digital World

Companies are facing increased and complex cybersecurity challenges in today’s interconnected digital economy. The cyber threats have become more sophisticated and may harm a company via innovative new forms of malware, through the compromise of global supply chains or by criminal and hostile state actors. The hard truth is that it is difficult to counter th
Publish At:2020-02-10 03:08 | Read:242 | Comments:0 | Tags:Featured Articles cyber hygiene cybersecurity Resilience

5 Ways Your Organization Can Ensure Improved Data Security

Each year on January 28, the United States, Canada, Israel and 47 European countries observe Data Privacy Day. The purpose of Data Privacy Day is to inspire dialogue on the importance of online privacy. These discussions also seek to inspire individuals and businesses to take action in an effort to respect privacy, safeguard data and enable trust.In observan
Publish At:2020-02-09 10:22 | Read:122 | Comments:0 | Tags:Featured Articles IT Security and Data Protection data data

(Podcast) Episode 01: What “Attack Surface” Means in 2020

Listen and subscribe to our new podcast! Tripwire’s cybersecurity podcast features 20-minute conversations with the people who protect people from cyber threats. Hosted by Tripwire’s VP of Product Management and Strategy, Tim Erlin, each episode brings on a new guest to explore the evolving threat landscape, technology trends, and cybersecurity best practice
Publish At:2020-02-09 10:22 | Read:94 | Comments:0 | Tags:Featured Articles Podcast Attack Surface Dave Meltzer Tim Er

The NHS has suffered only six ransomware attacks since the WannaCry worm, investigation reveals

An investigation claims that the UK’s National Health Service, which was hit hard by the notorious WannaCry worm in 2017, has seen a marked fall in ransomware attacks since.A report published by Comparitech, based upon Freedom of Information requests, reveals the somewhat surprising news that since WannaCry there have only been six recorded ransomware
Publish At:2020-02-09 10:21 | Read:87 | Comments:0 | Tags:Featured Articles Healthcare IT Security and Data Protection

How your screen’s brightness could be leaking data from your air-gapped computer

It may not be the most efficient way to steal data from an organisation, let alone the most practical, but researchers at Ben-Gurion University in Israel have once again detailed an imaginative way to exfiltrate information from an air-gapped computer.And this time they haven’t done it by listening to a PC’s fan, or watching the blinking LED ligh
Publish At:2020-02-09 10:21 | Read:171 | Comments:0 | Tags:Featured Articles IT Security and Data Protection airgapped

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud