HackDig : Dig high-quality web security articles for hacker

Still problems for Schneider Electric, Schneider Modicon TM221CE16R has a hardcoded password

The firmware running on the Schneider Modicon TM221CE16R (Firmware 1.3.3.3) has a hardcoded password, and there is no way to change it. I believe it is very disconcerting to find systems inside critical infrastructure affected by easy-to-exploit vulnerabilities while we are discussing the EU NIS directive. What about hard-coded passwords inside critical syst
Publish At:2017-04-05 19:25 | Read:2615 | Comments:0 | Tags:Breaking News Hacking Firmware SCADA Schneider Modicon TM221

Vault7 Dark Matter batch – CIA has been targeting the iPhone supply chain since at least 2008

Wikileaks released the second bash of CIA’s Vault 7 dump, it contains other precious documents to understand the way CIA was hacking systems worldwide. The Wikileaks Vault 7 dump will make for a long time the headlines, the organization has just released another lot of classified documents related the hacking tools and techniques and exploit codes used
Publish At:2017-03-23 18:00 | Read:3717 | Comments:0 | Tags:Breaking News Intelligence Apple CIA Dark Matter Firmware Ha

Be careful products sold on Amazon are infected with malware

Beware, even things on Amazon come with embedded malware… this is the disconcerting discovery made by the expert Mark Olsen. The security expert Mike Olsen warned about the presence of malware in products sold through the Amazon service. Olsen was searching for outdoor surveillance cameras on Amazon for a friend’s home. He has found an interesting offe
Publish At:2016-04-11 00:20 | Read:3730 | Comments:0 | Tags:Breaking News Hacking Malware Amazon Firmware infected produ

A flaw in CISCO Universal Small Cell allows firmware retrieval

A flaw affecting the Cisco Universal Small Cell devices allows unauthenticated remote users to retrieve devices’ firmware, so Cisco urges patching these systems. Other problems for the IT giant Cisco, the company is asking service providers using its Universal Small Cell solutions to update their systems and install a patch to solve a serious security
Publish At:2016-02-15 20:30 | Read:3496 | Comments:0 | Tags:Breaking News Hacking Security CISCO Firmware Universal Smal

Now VirusTotal can scan your firmware image for bad executables

VirusTotal presented a new malware scanning engine that allows users to analyze their firmware images searching for malicious codes. VirusTotal has recently announced the launch of a new malware scanning service for firmware images. The intent is to allow users to identify malicious firmware images. Threat actors could exploit
Publish At:2016-01-31 18:50 | Read:2859 | Comments:0 | Tags:Breaking News Malware Security Bios Firmware UEFI Virus tota

Rockwell Patches Serious ‘FrostyURL’ PLC Vulnerability

Rockwell Automation has patched a handful of vulnerabilities in its Allen-Bradley MicroLogix programmable logic controllers, including one that researchers say can be exploited with a single malicious URL.Members of CyberX’s research team disclosed details on the vulnerability Wednesday at the 2015 ICS Cyber Security Conference. The Industrial Control
Publish At:2015-10-29 15:40 | Read:1925 | Comments:0 | Tags:Critical Infrastructure Vulnerabilities Web Security CyberX

D-Link firmware accidentally includes Code Signing Keys

The Taiwanese networking equipment manufacturer D-Link has accidentally published its private code signing keys in the source of one of its firmware update. According to the Dutch news site Tweakers, the Taiwan-based networking equipment manufacturer D-Link accidently published its private code signing keys inside its open sou
Publish At:2015-09-19 20:20 | Read:3218 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Code Signing keys D-Link D

Malicious Cisco router backdoor found on 79 more devices, 25 in the US

The highly clandestine attacks hitting Cisco Systems routers are much more active than previously reported. Infections have hit at least 79 devices in 19 countries, including an ISP in the US that's hosting 25 boxes running the malicious backdoor.That discovery comes from a team of computer scientists who probed the entire IPv4 address space for infected dev
Publish At:2015-09-16 18:00 | Read:3524 | Comments:0 | Tags:Law & Disorder Risk Assessment Technology Lab backdoors Cisc

Equation APT Group Attack Platform A Study in Stealth

Spies thrive only when they’re able to quietly infiltrate targets and slither away unnoticed; this principle is the same whether we’re talking about the physical world, or digital.The recently uncovered Equation APT group is prime example of the investment nation-state sponsored attackers make in stealth. The group, which researchers at Kaspersky
Publish At:2015-03-11 08:55 | Read:2417 | Comments:0 | Tags:Critical Infrastructure Government Hacks Malware Vulnerabili

Inside nls_933w.dll, the Equation APT Persistence Module

CANCUN – The names called out like beacons from the screen: Samsung; Seagate; Western Digital; Hitachi; Maxtor. Hardware makers were in the crosshairs of the Equation APT group and it was perhaps the worst possible scenario imagined by researchers looking at the frightening and extensive storehouse of capabilities within the attack platform.By extending its
Publish At:2015-02-17 14:00 | Read:3594 | Comments:0 | Tags:Government Hacks Malware Security Analyst Summit apt ATA com

First Public Mac OS X Firmware Bootkit Unleashed

A vulnerability at the heart of Apple’s Mac OS X systems—one thus far only partially addressed by Apple—opens the door to the installation of malicious firmware bootkits that resist cleanup and give hackers persistent, stealthy control over a compromised Mac.The research is the work of a reverse engineering hobbyist and security researcher named Tramme
Publish At:2015-01-08 21:25 | Read:3154 | Comments:0 | Tags:Apple Hacks Vulnerabilities 31C3 apple Apple EFI firmware Ap

New Research, Same Old Problems With BadUSB

BadUSB hasn’t gone from bad to worse necessarily, but it sure has reached a new state of confusion for security experts and consumers in the crosshairs.Researcher Karsten Nohl, who warned the world during Black Hat last summer that the controller chips in most USB devices could be reprogrammed to behave badly, has dug deeper into the problem. Nohl̵
Publish At:2014-11-17 22:15 | Read:3031 | Comments:0 | Tags:Hacks Mobile Security Vulnerabilities Adam Caudill BadUSB Bl

Serious Root Access Bug in Belkin N750 Router

A serious vulnerability in a popular Belkin router could be exploited by a local, unauthenticated attacker to gain full control over affected devices.The good news is that the bug has already been patched by Belkin. The bad news is that approximately nobody installs router firmware updates.Related PostsBelkin Patches Directory Traversal Bug in Wireless Route
Publish At:2014-11-07 19:15 | Read:2369 | Comments:0 | Tags:Hacks Web Security Belkin firmware Router

Mummy, my schoolbooks are spying on me! 60 Sec Security [VIDEO]

Got a minute to spare?Watch this week's 60 Second Security...→ Can't view the video on this page? Watch directly from YouTube. Can't hear the audio? Click on the Captions icon for closed captions.In this episode:• [0'05"] Adobe to update e-reader to mop up data leak• [0'25"] BadUSB - now with DIY instructions• [0'49"] Return of the Androi
Publish At:2014-10-11 13:45 | Read:2745 | Comments:0 | Tags:Adobe Android Cryptography Data loss Featured Google Malware

SSCC 168 - Amaze your friends by ruining all their USB drives! [PODCAST]

Sophos Security Chet Chat - Episode 168 - October 8, 2014News, opinion, advice and research!Here's our latest security podcast, featuring Sophos experts and Naked Security writers Chester Wisniewski and Paul Ducklin.(Audio player above not working? Download the MP3, or listen on Soundcloud.)In this episode of the Chet Chat [0'36"] BadUSB - now with Do-It-Yo
Publish At:2014-10-09 01:30 | Read:3532 | Comments:0 | Tags:Data loss Featured Malware Podcast Privacy Vulnerability bad

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud