HackDig : Dig high-quality web security articles for hacker

The apparent difficulty of implementing email encryption in Gmail

It’s been almost three years since Google first announced its intention to add end-to-end encryption to Gmail. However, the free email service is yet to provide users with that feature. Despite the Internet giant insists that it was never a bluff, one of the company’s latest movements has reignited the criticism. Recently, a spokesperson from Goo
Publish At:2017-06-14 11:50 | Read:248 | Comments:0 | Tags:Security end-to-end encryption Gmail Google Privacy technolo

Malvertising campaign in Google Search redirected users to tech support scam

Malicious ads in Google search results for the US retail giant Target redirected users to a tech support scam. The malvertising campaign was first reported last week by a US user who posted his observations to a StackExchange thread and was then reported by Bleepingcomputer.com. Just querying Google for the term “target,” users were displayed on
Publish At:2017-06-06 09:55 | Read:285 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Cybercrime Google malverti

Millions of Android devices potentially exposed to the Cloak and Dagger attack

Researchers at Georgia Institute of Technology have discovered a new attack against Android OS, dubbed ‘Cloak and Dagger,’ millions of devices at risk. Security researchers at Georgia Institute of Technology have discovered a new attack, dubbed ‘Cloak and Dagger’, that allows taking full control of Android devices. The  ‘Cloak a
Publish At:2017-05-26 09:05 | Read:317 | Comments:0 | Tags:Breaking News Hacking Android Cloak and Dagger Google

Emergency Fix for Windows Anti-Malware Flaw Leads May’s Patch Tuesday

Adobe and Microsoft both issued updates today to fix critical security vulnerabilities in their software. Microsoft actually released an emergency update on Monday just hours ahead of today’s regularly scheduled “Patch Tuesday” (the 2nd Tuesday of each month) to fix a dangerous flaw present in most of Microsoft’s anti-malware technolo
Publish At:2017-05-13 16:15 | Read:214 | Comments:0 | Tags:Other Adobe Flash Player update Flash Player 25.0.0.171 goog

Identifying Sources of Leaks with the Gmail “+” Feature

For years, Google is offering two nice features with his gmail.com platform to gain more power of your email address. You can play with the “+” (plus) sign or “.” (dot) to create more email addresses linked to your primary one. Let’s take an example with John who’s the owner of john.doe@gmail.com. John can share the email
Publish At:2017-05-13 15:50 | Read:223 | Comments:0 | Tags:Security Dump Google leak Passwords

Denmark blamed Russia APT28 group for cyber intrusions in Defense Ministry Emails

Denmark on Monday denounced Russia after the publication of a report that accused Russian APT28 of hacking the defense ministry’s email accounts. Today the Danish Government officially blamed Russia for cyber attacks against its Defense Ministry. Denmark denounced a cyber intrusion in several Defense Ministry’s email accounts. The accusation com
Publish At:2017-04-26 07:51 | Read:366 | Comments:0 | Tags:APT Breaking News Cyber warfare Hacking APT28 cyber espionag

Over 70% of Android Devices Don’t Have Latest Security Patch Installed

According to recent research, the majority of Android devices are running security patches that are months old, leaving users vulnerable to attacks.Mobile security company Skycure released the findings of its Q4 2016 Mobile Threat Intelligence Report, revealing that over 70 percent of Android phones lack the latest security patches.The company evaluated Andr
Publish At:2017-03-25 05:00 | Read:654 | Comments:0 | Tags:Latest Security News Android Google mobile patch

Clever Gmail Phishing Scam Tricked Even Technical Users

A Gmail phishing campaign is clever enough to have almost tricked or successfully fooled multiple technical users.The attack, which other contributors to The State of Security have spotted, begins when a Gmail user receives an email. Oftentimes, the message comes from someone they know whose account has already been compromised. The email appears to contain
Publish At:2017-03-20 14:30 | Read:407 | Comments:0 | Tags:Latest Security News Gmail Google Phishing

Is E2EMail a new beginning or the end for Google’s End-to-End?

Google’s end-to-end email encryption project that it started back in 2014 has left home. But has the Chrome extension really “flown the nest” as Google claimed last week? Or has it simply been abandoned and left to fend for itself?Turn back the clocks to 2013. Google promises end-to-end encryption in an effort to regai
Publish At:2017-03-01 22:10 | Read:747 | Comments:0 | Tags:Google Google Chrome Privacy email encryption open-source

The Google E2EMail is now fully community-driven open source project

Google has now announced that E2EMail is no more a Google product, instead, it has become a “fully community-driven open source project.” The End-to-End crypto library is a core component of several projects of the IT giant such as the E2EMail, a Chrome app that runs independent of the normal Gmail web interface and allows non-technical users to exchange enc
Publish At:2017-03-01 19:40 | Read:664 | Comments:0 | Tags:Breaking News Digital ID E2EMail encryption Google PGP Pierl

CVE-2017-0037 – Google Project Zero discloses another unpatched Microsoft Edge and IE Vulnerability

The researchers at Google’s Project Zero have revealed another flaw, tracked as CVE-2017-0037, that affects Microsoft Edge and IE. It has happened again, the researchers at Google’s Project Zero have revealed another flaw, tracked as CVE-2017-0037, in Microsoft products. The flaw affects Microsoft’s Internet Explorer and Edge browsers, it w
Publish At:2017-02-27 12:20 | Read:773 | Comments:0 | Tags:Breaking News Hacking CVE-2017-0037 Google IE Vulnerability

The Internet’s Freshest Wounds: My Thoughts On Ticketbleed, Cloudbleed and HTTPS

UPDATE 2/24/17, 4:30 PM PST: Researcher Hanno Böck (@hanno) has confirmed that leaked CloudFlare data was not entirely purged from multiple search engine caches ahead of the public disclosure.In April 2014, the security community was shocked with the revelation that a poorly implemented TLS extension in OpenSSL could allow attackers to easily disclose privat
Publish At:2017-02-25 03:05 | Read:563 | Comments:0 | Tags:IT Security and Data Protection Cloudbleed Cloudflare Google

Out-of-band resource load in Google allows attacker to launch a DDoS attack from its servers

A security researcher discovered an Out-of-band resource load flaw in Google’s servers that allowed him to perform a DDoS attack on remote hosts. Young security researcher, Luka Sikic from Croatia found a serious vulnerability in Google. He was able to servers of the IT giant to perform a DDoS attack on remote hosts. Out-of-band resource load (classifi
Publish At:2017-02-24 10:20 | Read:424 | Comments:0 | Tags:Breaking News Hacking DDoS Google Out-of-band resource load

How Google Took on Mirai, KrebsOnSecurity

The third week of September 2016 was a dark and stormy one for KrebsOnSecurity. Wave after wave of huge denial-of-service attacks flooded this site, forcing me to pull the plug on it until I could secure protection from further assault. The site resurfaced three days later under the aegis of Google’s Project Shield, an initiative which seeks to protect
Publish At:2017-02-04 00:50 | Read:730 | Comments:0 | Tags:Other anna-senpai Ars Technica Damian Menscher Dan Goodin DD

Hacker discovered security flaws in Amazon, Apple and Google epub services

A hacker discovered a XXE flaw in the EpubCheck library that affects major epub services causing information disclosure and denial of service conditions. The security expert and bug hunter Craig Arendt (@craig_arendt) has discovered flaws in major eBook readers including the ones commercialized by Amazon, Apple, and Google. The expert discovered different XM
Publish At:2017-01-27 18:40 | Read:626 | Comments:0 | Tags:Breaking News Hacking Amazon Apple epub services EpubCheck l

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud