HackDig : Dig high-quality web security articles for hacker

Turning Data into Metrics – A Vulnerability Story

One of the main issues I find across the information security industry is that we constantly need to justify our existence. IT has been the traditional cost centre, but businesses have slowly realized they need to spend on IT to enable their businesses. Information security, on the other hand, is the team that is constantly preventing the business from freel
Publish At:2017-03-28 06:40 | Read:4020 | Comments:0 | Tags:Featured Articles Vulnerability Management remediation secur

The Sackcloth & Ashes of WordPress Security

This is my first blog in an ongoing “It’s Not Rocket Science” series featuring articles on Information security.“Security is not an absolute, it’s a continuous process and should be managed as such. Security is about risk reduction, not risk elimination, and risk will never be zero. It’s about employing the appropriate security controls tha
Publish At:2017-03-28 06:40 | Read:5247 | Comments:0 | Tags:Featured Articles IT Security and Data Protection CMS securi

3 Trends in Support of a More Nuanced Approach to ICS Security

The security community has seen multiple high-profile incidents targeting industrial control systems (ICS) over the past few years. No one can forget Christmas 2015, when a threat actor linked to the Russian government sent spear-phishing emails to the Western Ukrainian power company Prykarpattyaoblenergo.Those messages were laced with BlackEnergy, a form of
Publish At:2017-03-27 12:15 | Read:4967 | Comments:0 | Tags:Featured Articles ICS Security ics malware security

5 Lessons Lock Picking Can Teach You About Cyber Security

Security is a complex and connected web. Though there are many different categories within the all-encompassing field of security, there are still certain lessons that translate across the disciplines. Physical security can largely be seen as a manifestation of the ethereal elements of cyber security. Both the digital and the physical worlds of security rely
Publish At:2017-03-27 12:15 | Read:5041 | Comments:0 | Tags:Cyber Security Featured Articles Exploit lock picking

How to Protect Your E-commerce Business from Cyber Attacks

Just as traditional brick-and-mortar businesses are targeted by anarchists during protests or times of unrest, e-commerce businesses are targeted by cyber criminals, except they don’t wait for particular season or reason.Whether small, medium or large, every business is, sadly, at the mercy of hackers who will exploit every opportunity they get to breach sen
Publish At:2017-03-23 16:10 | Read:4510 | Comments:4 | Tags:Cyber Security Featured Articles cyber attack E-commerce SSL

SCM: Reducing Security Risk via Assessment and Continuous Monitoring

As I discussed in a previous blog post, a key security control known as file integrity monitoring (FIM) helps organizations defend against digital threats by monitoring for unauthorized changes to their system state. But that’s only half the battle. A change could be authorized but still create new security risk. Organizations need to watch for these t
Publish At:2017-03-23 16:10 | Read:3299 | Comments:0 | Tags:Featured Articles Security Configuration Management complian

Author of Citadel malware, used to steal $500 million from bank accounts, pleads guilty

The Russian author of the notorious Citadel malware which infected over 11 million PCs and stole an astonishing $500 million from bank accounts has pleaded guilty to his crimes.29-year-old Mark Vartanyan, who went by the online handle of “Kolypto”, was arrested in the Norwegian town of Fredrikstad in 2015 at the request of the FBI. His extraditio
Publish At:2017-03-23 16:10 | Read:2416 | Comments:0 | Tags:Featured Articles IT Security and Data Protection Citadel ma

Stop the Most Advanced Adversaries

Imagine that you are operating on an old XP, Win98 or Windows Server 2003 system. The system is out-of-support and vulnerable to a raft of possible exploits.However, it would be too disruptive to operations to update these systems since they’re running critical applications and processes. And even if you do upgrade to the latest versions, the list of new exp
Publish At:2017-03-22 03:20 | Read:5673 | Comments:0 | Tags:Featured Articles Off Topic Insider malicious security

Making Mistakes in Security

At some point in your career, you will make mistakes—small mistakes, big mistakes, even career-defining mistakes. I am writing this in retrospect because during the course of my job duties, I recently made a mistake. The details are irrelevant, but I wanted to share my experience with making mistakes in the professional world.Mistakes and human error in Info
Publish At:2017-03-22 03:20 | Read:7482 | Comments:0 | Tags:Featured Articles Security Awareness Human Factor security

The Importance of a Strategic Response to Cyber Incidents

There are a variety of ways a company can experience cyber incidents, ranging from a distributed denial of service network attack to internal information theft.The first response is usually to enlist incident response professionals to resolve the issue as quickly and efficiently as possible. However, there are several factors companies should consider in det
Publish At:2017-03-21 08:55 | Read:3790 | Comments:0 | Tags:Featured Articles Risk-Based Security for Executives data br

Bringing Clarity to Really Really Big Data: A Case for AI and Machine Learning to Help Crunch and Protect Our Data

Funny how kids have an affinity for toys we enjoyed as kids. Like Legos. They will spend hours creating the biggest “thing”, often leading to a parent’s near universal response, “Johnny! That is the biggest tower I have ever seen! Great job!” Children (and we) love Legos because they foster imagination, offering a limitless way to create something “gigantic!
Publish At:2017-03-21 08:55 | Read:4424 | Comments:0 | Tags:Featured Articles IT Security and Data Protection AI cyberse

Wireless Routers: First Line of Defense

Almost everything you read or hear about routers includes a sentence or two about router security. The focus is generally on this essential piece of hardware as the first line of defense in an internet-connected world. Many medium-sized companies and large corporations take this into account when they purchase and set up their network infrastructure.They ten
Publish At:2017-03-20 14:30 | Read:4373 | Comments:0 | Tags:Featured Articles IT Security and Data Protection Network Ro

Computer Security Disruption Tactics: Security Experts Race On To Catch The Hackers

It’s now evident there are many more hacker intrusions during which security experts struggle to repel attackers and resolve damage than we first thought. The growing trends of sabotage, extortion, and disruption of both individual users and critical services have raised concerns about cybersecurity worldwide.Cybersecurity Threats Are a Leading Cause o
Publish At:2017-03-20 14:30 | Read:3470 | Comments:0 | Tags:Cyber Security Featured Articles disruption hackers security

Yahoo! Bleeds for the Protection of Customer Data

On March 1, Marissa Mayer, Yahoo!’s Chief Executive Office, gave up millions of dollars. As she noted in a blog post on Tumblr, “I am the CEO of the company [Yahoo!] and since this incident happened during my tenure, I have agreed to forgo my annual bonus and my annual equity grant.” All in, Mayer gave up upwards of 2 million in cash bonuses and millions mor
Publish At:2017-03-17 12:35 | Read:3354 | Comments:0 | Tags:Cyber Security Featured Articles breach data Yahoo

VERT Threat Alert: March 2017 Patch Tuesday Analysis

Today’s VERT Alert addresses 18 new Microsoft Security Bulletins. VERT is actively working on coverage for these bulletins and expects to ship ASPL-716 on Wednesday, March 15th.Ease of Use (published exploits) to Risk TableAutomated ExploitEasyModerateDifficultExtremely DifficultMS17-006MS17-007MS17-008MS17-013MS17-014MS17-017MS17-018 MS17-012No Known Exploi
Publish At:2017-03-15 23:31 | Read:5120 | Comments:0 | Tags:Featured Articles Vulnerability Management Adobe microsoft P

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud