HackDig : Dig high-quality web security articles for hackers

5 Risks You Need to Remember When Securing Your Containers

Containers are on the rise. As reported by GlobalNewswire, Allied Market Research estimated that the application market would grow from its 2016 value of $698 million to $8.20 by 2025. With a compound annual growth rate of 31.8% between 2018 and 2025, this increase would largely reflect both the surge in popularity in application container technology along w
Publish At:2020-07-13 23:05 | Read:95 | Comments:0 | Tags:Featured Articles IT Security and Data Protection container

VPNs: What Do They Do, and What Don’t They Do?

Virtual Private Networks, or VPNs, are not exactly a new technology. When I started my career in IT about 15 years ago, VPN tunnels were the standard way we connected remote offices by extending private networks over the public Internet.Recently, as workforces continue to decentralize due to the rise of Cloud Computing as well as the current pandemic, VPN ha
Publish At:2020-07-13 02:47 | Read:95 | Comments:0 | Tags:Featured Articles

Cosmic Lynx: The Highly-Professional Cybercrime Gang Scamming Businesses Out of Millions of Dollars

Things just got serious.Business Email Compromise is no longer solely the province of chancers and opportunistic Nigerian actors such as the Yahoo Boys. Organised criminal gangs with a high level of professionalism have seen the opportunity and seized it.Security researchers at Agari have published a report detailing their investigations into a Russian cyber
Publish At:2020-07-09 09:59 | Read:184 | Comments:0 | Tags:Featured Articles IT Security and Data Protection BEC Cosmic

I Have Antivirus; I’m Protected, Right? Mis-steps Customers Make with their Security and Vulnerability Tools

I’ve worked in the IT field for over 30 years. 20 of those years have been spent in the network security field, employed by some of the largest names in the industry. But to my family, I’m still just the guy who “works with computers”.Many of my family are not computer savvy, which is a nice way of saying I had to teach them where the power button is. Howeve
Publish At:2020-07-09 02:16 | Read:238 | Comments:0 | Tags:Featured Articles Vulnerability Management Security Tools vu

Ransomware Characteristics and Attack Chains – What you Need to Know about Recent Campaigns

Ransomware has been around for decades going back all the way to 1989. Since then it has only magnified in scope and complexity. Now at a time when working remotely is becoming more universal and the world is trying to overcome the Covid-19 pandemic, ransomware has never been more prominent. Ransomware is a type of malware that prevents users from accessing
Publish At:2020-07-07 23:14 | Read:112 | Comments:0 | Tags:Featured Articles malware Maze NetWalker PonyFinal ransomwar

Using “Update.exe” as a Case Study for Robust OT Cybersecurity

In 2020, car manufacturer Honda fell victim to a ransomware attack. Using a payload called “update.exe,” the attack crippled Honda’s international customer service and Financial Services wing for days. Although it affected two customer facing branches of this global corporation, the ransomware was designed to target and breach Honda’s critical ICS/SCADA envi
Publish At:2020-07-07 00:04 | Read:104 | Comments:0 | Tags:Featured Articles ICS Security cyberattack ICS security malw

Design & Implementation of OEM ICS Cybersecurity Frameworks: The Good, The Bad, and The Ugly

The cyber threat landscape today continues to pose a myriad of unique challenges. This is especially the case for industrial organizations due to factors such as aging equipment, poor design or implementation, skills gaps and a lack of visibility. These shortcomings are exacerbated by the mean time to breach detection, which continues to hover above 150 days
Publish At:2020-07-06 00:55 | Read:237 | Comments:0 | Tags:Featured Articles ICS Security Center for Internet Security

Entornos ICS y gestión de parches: qué hacer si no puede aplicar parches

La evolución de las de amenazas de ciberseguridad destaca la necesidad emergente de que las organizaciones fortalezcan su capacidad para identificar, analizar y evaluar estos riesgos antes de que evolucionen a incidentes de ciberseguridad. Aunque los términos “gestión de parches” y “gestión de vulnerabilidades” se utilicen como si fue
Publish At:2020-07-06 00:55 | Read:224 | Comments:0 | Tags:Featured Articles

22,900 MongoDB Databases Held to Ransom by Hacker Threatening to Report Firms for GDPR Violations

Hackers are once again finding unsecured MongoDB databases carelessly left exposed on the internet, wiping their contents, and leaving a ransom note demanding a cryptocurrency payment for the data’s safe return.As ZDNet reports, ransom notes have been left on almost 23,000 MongoDB databases that were let unprotected on the public internet without a pas
Publish At:2020-07-02 12:01 | Read:65 | Comments:0 | Tags:Featured Articles IT Security and Data Protection data breac

Understanding the Purpose of Security Controls and the Need for Compliance

What are the brakes on a car designed to do? I have asked this question many times when speaking to customers or organizations who were dipping their toes into the audit space. Invariably, their answer was, “To stop the car.” At this point, I would then ask, “Then how do you get where you want to go?”What Is the Purpose of Controls and a Compliance Program?W
Publish At:2020-07-02 00:24 | Read:164 | Comments:0 | Tags:Featured Articles Security Controls audit Complaince IT Cont

What to Expect from Brazil’s New Data Protection Law

The European GDPR (General Data Protection Regulation) is one of the most influential consumer privacy laws that has affected 500,000 companies throughout the world. This law has played a crucial role in formulating another substantial privacy law known as the California Consumer Privacy Act that came into effect on January 1, 2020.Similar to the European GD
Publish At:2020-06-28 23:02 | Read:115 | Comments:0 | Tags:Featured Articles IT Security and Data Protection data prote

Find a PlayStation 4 vulnerability and earn over $50,000

Do you think you have found a vulnerability in the Sony PlayStation 4 or the PlayStation Network?If so, you could be heading towards a sizeable sum of money. That’s because Sony announced details of a new bug bounty program that it is running in co-ordination with vulnerability-reporting platform HackerOne.Sony is inviting security researchers, gamers
Publish At:2020-06-25 12:20 | Read:207 | Comments:0 | Tags:Featured Articles IT Security and Data Protection Bug Bounty

How to Reduce the Risk of Misoperations in Your Bulk Electric Systems

Reliability is essential to the functionality of an electric power grid. This principle guarantees that a constant qualitative and quantitative supply of electric power is flowing from a provider to businesses, homes and more. It’s what enables electric power to drive life forward in modern society.As a result, there’s reason to be concerned about events tha
Publish At:2020-06-25 02:23 | Read:102 | Comments:0 | Tags:Featured Articles ICS Security Bulk Electric System NERC rel

State of Insider Data Breaches in 2020

Organizations protect critical assets and sensitive information from the outside world by continually updating their security controls and policies. However, the origin of a breach is not always outside of the organization, and recently, insider breaches have gained attention amid an increase in the flexibility of tools for information sharing.Insider threat
Publish At:2020-06-23 23:21 | Read:201 | Comments:0 | Tags:Featured Articles IT Security and Data Protection data breac

Transportation Systems Sector Cybersecurity Framework Implementation Guide

As smart ticketing systems and technological solutions become more prevalent in the transportation industry, the issue of transportation systems’ cybersecurity becomes a greater concern.Transportation Systems Cybersecurity is a Major ConcernIn August 2019, Transport for London (TfL) was forced to temporarily close down the online facility for its Oyste
Publish At:2020-06-23 00:12 | Read:139 | Comments:0 | Tags:Featured Articles ICS Security NIST train underground

Announce

Share high-quality web security related articles with you:)

Tools