HackDig : Dig high-quality web security articles for hacker

Blackmail attempts by ex-employees

For German companies, the damage caused by cybercrime now totals more than 40 billion euros per year. And while it is often assumed that cyberattacks are carried out by external hackers or by state sponsored agents, the reality is quite different. For example, the German Federal Bureau for Information Security (BSI) sees so-called insiders as a greater dange
Publish At:2020-02-25 10:38 | Read:199 | Comments:0 | Tags:Business Security b2b Germany insiders

Hacker attack on another DAX company detected

A spokesperson for the chemical company LANXESS has confirmed a hacker attack, which was discovered in the middle of last year. The extent of the damage is as yet unknown. Hacker group WinNTI suspected to be behind the attack According to research by Bayerischen Rundfunks and NDR, a hacker group called WinNTI was behind the attack. According to the company,
Publish At:2020-02-10 19:05 | Read:212 | Comments:0 | Tags:Business News advanced cybersecurity corporate cybersecurity

More dangerous vulnerabilities in Intel CPUs

Intel  has released information about two potentially dangerous flaws in the processor architecture of its CPUs. The chip manufacturer had already provided security updates for similar gaps in May and November 2019. Although the new vulnerabilities seem to be less critical than the previous ones, side-channel attacks are still possible. The third Intel patch
Publish At:2020-02-04 09:15 | Read:250 | Comments:0 | Tags:Business News CPU Germany intel

Access data of 515,000 servers and IoT devices leaked online: Remote control via Telnet possible

Cybercriminals have published the access data and IP addresses of over 515,000 servers, routers and IoT devices on a hacker forum. This data can be used to control vulnerable devices using the remote maintenance service Telnet. This could allow attackers to connect to the devices, install malware and use it for their own benefit, for example to set up a botn
Publish At:2020-01-28 09:15 | Read:336 | Comments:0 | Tags:Business News data breach Germany IoT

German commercial companies in hacker focus – Panda protects you

Several German DAX companies were spied on by a hacker group called WinNTI in mid-2019. The German Federal Office for the Protection of the Constitution (BfV) assumes that the German industry will be an attractive target for ongoing waves of attacks. In December 2019, the BfV published a Cyber Brief with hints on current attack campaigns and sent it to many
Publish At:2020-01-24 09:15 | Read:261 | Comments:0 | Tags:Business News advanced cybersecurity Germany

Serious security breach in Internet Explorer: Microsoft warns against use

A critical vulnerability in Internet Explorer, with the identifier CVE-2020-0674 has been published by Microsoft. It allows attackers to remotely execute code using the JScript.dll library. A security patch is currently being created. On the first patch Tuesday of 2020, Microsoft released 49 updates; shortly afterwards, the vendor reported a new zero-day sec
Publish At:2020-01-21 09:15 | Read:423 | Comments:0 | Tags:News Security Germany Microsoft vulnerability

Help?! Possible global hacker attack by Citrix vulnerability

Following another official vulnerability alert issued in the past 48 hours, which has been known since December, companies still protected from this new attack are continuously receiving new requests for help. CISA considers the vulnerability to be one of the most dangerous exploits of recent years. Potentially, some 80,000 companies worldwide are at risk. T
Publish At:2020-01-17 09:15 | Read:504 | Comments:0 | Tags:News Security business Exploit Germany vulnerability Vulnera

Severe flaws found in German e-Government OSCI 1.2 Communication Library

Security researchers at SEC-Consult found severe vulnerabilities in the German e-government Communication Library OSCI (Online Services Computer Interface). According to the experts at SEC-Consult, the German e-government system OSCI (Online Services Computer Interface) is open to padding oracle attacks and other vulnerabilities due to the use of an insecure
Publish At:2017-07-04 00:55 | Read:3048 | Comments:0 | Tags:Breaking News Hacking Germany hackng OSCI-Transport library

TROOPERS 2017 Day #2 Wrap-Up

This is my wrap-up for the 2nd day of “NGI” at TROOPERS. My first choice for today was “Authenticate like a boss” by Pete Herzog. This talk was less technical than expected but interesting. It focussed on a complex problem: Identification. It’s not only relevant for users but for anything (a file, an IP address, an application, …). Pete started by providing
Publish At:2017-03-24 02:00 | Read:3544 | Comments:0 | Tags:Event Security Conference Germany Troopers

TROOPERS 2017 Day #3 Wrap-Up

The third day is already over! Today the regular talks were scheduled split in three tracks: offensive, defensive and a specific one dedicated to SAP. The first slot at 09:00 was, as usual, a keynote. Enno Rey presented ten years of TROOPERS. What happened during all those editions? The main ideas behind TROOPERS have always been that everybody must learn so
Publish At:2017-03-24 02:00 | Read:4052 | Comments:0 | Tags:Event Security Conference Germany Troopers

TROOPERS 2017 Day #4 Wrap-Up

I’m just back from Heidelberg so here is the last wrap-up for the TROOPERS 2017 edition. This day was a little bit more difficult due to the fatigue and the social event of yesterday. That’s why the wrap-up will be shorter…  The second keynote was presented by Mara Tam: “Magical thinking … and how to thwart it”. Mara is an advisor to execut
Publish At:2017-03-24 02:00 | Read:3855 | Comments:0 | Tags:Event Security Conference Germany Troopers

TROOPERS 2017 Day #1 Wrap-Up

I’m in Heidelberg (Germany) for the 10th edition of the TROOPERS conference. The regular talks are scheduled on Wednesday and Thursday. The two first days are reserved for some trainings and a pre-conference event called “NGI” for “Next Generation Internet” focusing on two hot topics: IPv6 and IoT. As said on the website: “NGI aims to provide discussion on h
Publish At:2017-03-21 00:20 | Read:4814 | Comments:0 | Tags:Event Security Conference Germany Troopers

UK NCSC warns of cyber attacks powered by Russia against the political system

The UK National Cyber Security Center (NCSC) is warning of Russian political hacking capabilities, the risk of cyber attacks against the political system is high. The alert was raised by the UK National Cyber Security Center (NCSC) that is informing political parties in the UK to warn about “the potential for hostile action against the UK political sys
Publish At:2017-03-14 12:30 | Read:2827 | Comments:0 | Tags:Breaking News Cyber warfare Intelligence cyber espionage GCH

UK police arrested the alleged mastermind of the MIRAI attack on Deutsche Telekom

The prosecutor’s office in Cologne and the Federal Criminal Police Office have arrested the alleged mastermind of the MIRAI attack on Deutsche Telekom The agents at the UK National Crime Agency (NCA) have a man that is suspected to be involved with the massive attack on Deutsche Telekom that affected more than 900k routers in November 2016. The affecte
Publish At:2017-02-23 15:55 | Read:3783 | Comments:0 | Tags:Breaking News Cyber Crime Internet of Things Malware Cybercr

Don’t Blink! TrickBot Now Targets 10 German Savings Banks

IBM X-Force researchers following the development of the TrickBot Trojan noted that the malware is rapidly adding new targets and attack capabilities and has now officially advanced into Germany. The most recent additions to TrickBot’s configurations target 10 savings banks in the European country. At this time, TrickBot is configured to use serverside
Publish At:2016-12-01 11:20 | Read:6144 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Threat Intelli

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud