HackDig : Dig high-quality web security articles for hackers

In the Hacker's Crosshairs: Active Directory

Organizations Need to Adjust Their Security Strategies to Match Modern Threats The easiest way for a cyber-attacker to gain access to sensitive data is by compromising an end user’s identity and credentials. Things get even worse if a stolen identity belongs to a privileged user, who has even broader access, which provides the intruder with “the keys to
Publish At:2021-01-27 14:59 | Read:76 | Comments:0 | Tags:INDUSTRY INSIGHTS Identity & Access hack

Vulnerability found in top messaging apps let hackers eavesdrop

Google’s Project Zero discovered that a security flaw might have allowed hackers to eavesdrop on Android users. After an investigation conducted by cybersecurity researcher Natalie Silvanovich, the expert discovered vulnerabilities in many apps with 10M+ installs on Google Play that accept incoming calls. The affected applications include hugely popula
Publish At:2021-01-27 10:40 | Read:76 | Comments:0 | Tags:Mobile News Mobile Security Security messaging apps vulnerab

Pwn2Own 2021: Hackers Offered $200,000 for Zoom, Microsoft Teams Exploits

Trend Micro’s Zero Day Initiative (ZDI) on Tuesday announced the targets, prizes and rules for the Pwn2Own Vancouver 2021 hacking competition, a hybrid event scheduled to take place on April 6-8.Pwn2Own Vancouver typically takes place during the CanSecWest conference in Vancouver, Canada, but due to the coronavirus pandemic, this year’s event will be hybrid
Publish At:2021-01-27 07:11 | Read:102 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Appli

Fidelis, Mimecast, Palo Alto Networks, Qualys also impacted by SolarWinds hack

Security vendors Fidelis, Mimecast, Palo Alto Networks, and Qualys revealed that were also impacted by SolarWinds supply chain attack The SolarWinds supply chain attack is worse than initially thought, other security providers, confirmed that they were also impacted. Mimecast, Palo Alto Networks, Qualys, and Fidelis confirmed to have installed tainted upd
Publish At:2021-01-26 20:48 | Read:176 | Comments:0 | Tags:Breaking News Security Hacking hacking news information secu

More Cybersecurity Firms Confirm Being Hit by SolarWinds Hack

Cybersecurity companies Mimecast and Qualys have apparently been targeted by the threat actor that breached the systems of IT management solutions provider SolarWinds as part of a sophisticated supply chain attack. Fidelis Cybersecurity has also confirmed being hit, but it’s unclear if it was specifically targeted.Email security company Mimecast reported a c
Publish At:2021-01-26 15:35 | Read:121 | Comments:0 | Tags:Cyberwarfare NEWS & INDUSTRY Virus & Threats Inciden

Hacker Admits Targeting Major US Websites

A hacker who became the first ever Cypriot national to be extradited to the United States has pleaded guilty to extorting major American website operators with stolen user data. Joshua Polloso Epifaniou was a teenager when he started hacking into websites, stealing information, and threatening to release it if he didn't receive a ransom.&n
Publish At:2021-01-26 15:30 | Read:81 | Comments:0 | Tags: hack

Ghost hack – criminals use deceased employee’s account to wreak havoc

byPaul DucklinMany, if not most, organisations will tell you that they have processes and procedures that they follow when employees leave.In particular, most companies have a slick and quick procedure for removing ex-staff from the payroll.Firstly, it doesn’t make economic sense to pay someone who is no longer entitled to the money; secondly, many cou
Publish At:2021-01-26 13:43 | Read:129 | Comments:0 | Tags:Security leadership Security threats anti-ransomware ransomw

Mimecast links security breach to SolarWinds hackers

Email security company Mimecast has confirmed today that the threat actor behind the SolarWinds supply-chain attack is behind the security breach it disclosed earlier this month."Our investigation has now confirmed that this incident is related to the SolarWinds Orion software compromise and was perpetrated by the same sophisticated threat actor," Mimecast s
Publish At:2021-01-26 13:19 | Read:94 | Comments:0 | Tags:Security security hack

North Korean hackers are targeting security researchers with malware, 0-days

A North Korean government-backed hacking group targets security researchers who focus on vulnerability and exploit development via social networks, disclosed Google tonight.According to a report released tonight by Google's Threat Analysis Group, a North Korean government-backed hacking group uses social networks to target security researchers and infect the
Publish At:2021-01-26 01:37 | Read:117 | Comments:0 | Tags:Security Google security hack

Google Warning: North Korean Gov Hackers Targeting Security Researchers

Google late Monday raised the alarm about a “government-backed entity based in North Korea” targeting -- and hacking into -- computer systems belonging to security researchers.Google’s Threat Analysis Group (TAG), a team that monitors global APT activity, said the ongoing campaign is aimed at security researchers working on vulnerability research and develop
Publish At:2021-01-25 23:59 | Read:128 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Appli

Ransomware gang taunts IObit with repeated forum hacks

A ransomware gang continues to taunt Windows software developer IObit by hacking its forums to display a ransom demand.On January 16th, the IObit forums were hacked as part of an attack to distribute the DeroHE ransomware. During this attack, the threat actors emailed all of the IObit forum users with a free software promotion linking to a ransomware in
Publish At:2021-01-25 13:55 | Read:90 | Comments:0 | Tags:Security ransomware hack

Russian Hack of US Agencies Exposed Supply Chain Weaknesses

The elite Russian hackers who gained access to computer systems of federal agencies last year didn’t bother trying to break one by one into the networks of each department.Instead, they got inside by sneaking malicious code into a software update pushed out to thousands of government agencies and private companies.It wasn’t surprising that hackers were able
Publish At:2021-01-25 12:17 | Read:61 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Incident Response Ri

Cryptocurrency exchange BuyUcoin hacked, data of 325K+ users leaked

Indian cryptocurrency exchange Buyucoin suffered a security incident, threat actors leaked sensitive data of 325K users. A new incident involving a cryptocurrency exchange made the headlines, the India-based cryptocurrency exchange suffered a security incident, threat actors leaked sensitive data of 325K users on the Dark Web. Leaked data includes nam
Publish At:2021-01-25 05:48 | Read:119 | Comments:0 | Tags:Breaking News Cyber Crime Deep Web Digital ID BuyUcoin Darkw

Hacker leaks data of 2.28M users of dating site MeetMindful

A well-known threat actor has leaked data belonging to 2.28 million users registered on the dating website MeetMindful. ZDNet first reported that the well-known threat actor ShinyHunters has leaked the data of more than 2.28 million users registered on the dating site MeetMindful, The threat actor leaked the data for free download on a publicly accessi
Publish At:2021-01-24 14:43 | Read:121 | Comments:0 | Tags:Uncategorized data leak Hacking hacking news information sec

SonicWall firewall maker hacked using zero-day in its VPN device

Security hardware manufacturer SonicWall has issued an urgent security notice about threat actors exploiting a zero-day vulnerability in their VPN products to perform attacks on their internal systems.SonicWall is a well-known manufacturer of hardware firewall devices, VPN gateways, and network security solutions whose products are commonly used in SMB/SME a
Publish At:2021-01-23 15:07 | Read:101 | Comments:0 | Tags:Security hack

Tools

Tag Cloud