HackDig : Dig high-quality web security articles for hacker

Zoom promises to improve its security and privacy as usage (and concern) soars

What’s happened?Well, Coronavirus 2019 (COVID-19) happened.Okay, smart alec. I know about that. What else is going on?Well, because so many people are (wisely) staying at home, they’re using videoconferencing and chat technology like Zoom to keep in touch with friends, family and colleagues.In fact, Zoom says that daily usage has soared from appr
Publish At:2020-04-02 13:24 | Read:112 | Comments:0 | Tags:Featured Articles IT Security and Data Protection Coronaviru

The MITRE ATT&CK Framework: Execution

Of all the tactics that an adversary will take on in their campaign, none will be more widely abused than, Execution (https://attack.mitre.org/wiki/Execution). When taking into consideration off-the-shelf malware, traditional ransomware, or state of the art advanced persistent threat actors, all of them have execution in common. There’s a great quote from Al
Publish At:2020-03-31 08:17 | Read:153 | Comments:0 | Tags:Featured Articles MITRE Framework ATT&CK execution malware r

Are You Ready for the Remote Work’s Toll on Corporate Security?

Given the situation that many companies, organizations and government agencies have been forced into working remotely due to COVID-19, it is imperative to give some thought about corporate security.Using a VPN for New Stay-at-Home WorkersMillions of employees are now working from the confines of their own homes in an effort to keep businesses running smoothl
Publish At:2020-03-31 00:20 | Read:74 | Comments:0 | Tags:Featured Articles COVID-19 VPN Working from Home

Mr and Mrs CISO: Security in the Age of the Lockdown

With so many of us frantically learning to juggle our roles as parents, workers and most recently teachers; is it just my wife and I who feel it necessary to monitor the online activity of our teenagers during this lockdown? Sure, there’s rich educational content out there, but it sits amongst social networks, streaming services, gaming consoles and a world
Publish At:2020-03-30 05:25 | Read:165 | Comments:0 | Tags:Featured Articles IT Security and Data Protection controls V

Third-party data breach exposes GE employees’ personal information

Past and present employees of General Electric (GE) are learning that their sensitive information has been exposed by a data breach at a third-party service provider.Fortune 500 company GE says it was recently informed of a security breach at one of its partners, Canon Business Process Services.According to GE, between approximately February 3 – 14, 20
Publish At:2020-03-26 10:40 | Read:179 | Comments:0 | Tags:Featured Articles IT Security and Data Protection data breac

How Organizations Can Fight to Retain Talent Amidst the Infosec Skills Gap

In a previous post, I shared some expert insight into how organizations can address the challenges of hiring skilled talent despite the ongoing infosec skills gap. Organizations can’t rest easy once they’ve brought on new talent, however. They need to make sure they hold onto their existing workforce.That’s easier said than done. Cybersecurity Ventures forec
Publish At:2020-03-23 06:49 | Read:155 | Comments:0 | Tags:Featured Articles Infosec retaining talent skills gap

The MITRE ATT&CK Framework: Initial Access

Although ATT&CK is not laid out in any linear order, Initial Access will be the point at which an attacker gains a foothold in your environment. This tactic is a nice transition point from PRE-ATT&CK to ATT&CK for Enterprise. What is different about the techniques within Initial Access is that they are more high-level than some of the other techn
Publish At:2020-03-23 06:49 | Read:247 | Comments:0 | Tags:Featured Articles MITRE Framework cis controls PowerShell sp

Whatever happened to cryptojacking?

A couple of years ago it felt like you couldn’t turn your head in any direction without seeing another headline about cryptomining and – its more evil sibling – cryptojacking.Countless websites were hijacked, and injected with cryptocurrency-mining code designed to exploit the resources of visiting computers. Victims included the likes of t
Publish At:2020-03-19 14:00 | Read:172 | Comments:0 | Tags:Featured Articles IT Security and Data Protection cryptojack

Phishing attacks exploit YouTube redirects to catch the unwary

Attackers are increasingly exploiting the fact that email gateways turn a blind eye to links to popular sites such as YouTube, in order to phish passwords from unsuspecting computer users.Researcher Ashley Trans of Cofense highlighted the threat in a blog post describing a recent phishing campaign.In the attack, an unsuspecting user receives an email which p
Publish At:2020-03-12 11:45 | Read:345 | Comments:0 | Tags:Featured Articles IT Security and Data Protection Phishing r

The Expert’s Guide on Tackling the Cybersecurity Skills Gap

The skills gap is weighing heavily on the minds of digital security team members. In a survey of 342 security professionals, Tripwire found that 83% of infosec personnel felt more overworked in 2020 than they did a year earlier. An even greater percentage (85%) stated that it had become more difficult for their organizations to hire skilled security professi
Publish At:2020-03-12 01:29 | Read:249 | Comments:0 | Tags:Featured Articles cybersecurity skills gap

We Want You! Win the War on Ransomware Today

Arguably, the first malware extortion attack occurred in 1988 – the AIDS Trojan had the potential to be the first example of ransomware, but due to a design flaw, the victims didn’t end up actually having to pay up the 189 bucks. It’s safe to say that over the past 31 years, attackers have perfected the ransomware craft, with organizations shelling out more
Publish At:2020-03-11 01:03 | Read:341 | Comments:0 | Tags:Featured Articles IT Security and Data Protection

3 Tips for Enterprise Patch Management

A few weeks ago, I woke up one morning to discover that Android had 34 software updates waiting for me. This was followed by my laptop wanting to reboot after installing the latest patches from Microsoft; my tablet needing a reboot after its latest firmware update; and my server screaming for me to put “yum” into action to install the latest patches availabl
Publish At:2020-03-09 07:25 | Read:290 | Comments:0 | Tags:Featured Articles Vulnerability Management Patch Management

T-Mobile Says Security Incident Might Have Exposed Customers’ Data

Mobile telecommunications company T-Mobile disclosed a data security incident that might have exposed the account information of some of its customers.T-Mobile’s Cybersecurity team learned of the incident when it discovered an attack against its email vendor. The team responded by shutting down the attack and launching an investigation into what happen
Publish At:2020-03-05 08:28 | Read:282 | Comments:0 | Tags:Featured Articles email T-Mobile

How to Communicate Risk: Profiles, Dashboards and Responsibilities

The risk of a data breach with significant financial consequences and damage to brand equity is the fear of most large publicly traded companies. But many smaller businesses wrongly assume they are too small to be on the radar of the threat actors. The truth is that it is all about the data, and small businesses often have less well-guarded and well-defined
Publish At:2020-03-04 02:07 | Read:400 | Comments:0 | Tags:Featured Articles Risk Management

Beware secret lovers spreading Nemty ransomware

Digital attackers are sending around love-themed malicious emails in an attempt to infect recipients with the Nemty ransomware.If you’ve been kicking around in the world of IT security for more years than you’d like to admit, then you’ll surely remember the ILOVEYOU virus (also known as the “Love Bug” or “Loveletter”
Publish At:2020-02-28 10:55 | Read:317 | Comments:0 | Tags:Featured Articles IT Security and Data Protection Nemty rans

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud