HackDig : Dig high-quality web security articles for hacker

A critical vulnerability affects Siemens smart meters

Siemens has just released a firmware update for the 7KT PAC1200 Siemens smart meters that addresses a critical vulnerability. Siemens has just released a firmware update for the 7KT PAC1200 Siemens smart meters to fix a critical vulnerability that can be exploited by remote attackers to bypass authentication and perform administrative actions on the device.
Publish At:2017-10-07 06:05 | Read:262 | Comments:0 | Tags:Breaking News Hacking Internet of Things CVE-2017-9944 IoT S

Russian spies pilfered data from NSA Contractor’s home PC running a Kaspersky AV

Russian hackers allegedly exploited Kaspersky AV to hack into NSA contractor and steal the NSA exploit code. It complicates Kaspersky’s position. Anonymous sources have claimed Russian intelligence extracted NSA exploits from a US government contractor’s home PC using Kaspersky Lab software. Sources told the Wall Street Journal that a malicious c
Publish At:2017-10-06 11:30 | Read:184 | Comments:0 | Tags:Breaking News Hacking Intelligence Malware antivirus cyber e

Apple file system flaw, macOS shows encrypted drive’s password in the hint box

Apple released a patch for macOS High Sierra 10.13 that address also a flaw in Apple file system that exposes encrypted drive’s password in the hint box. Apple yesterday released a security patch for macOS High Sierra 10.13 to fix vulnerabilities in the Apple file system (APFS) volumes and Keychain software. The vulnerability in the Apple file system w
Publish At:2017-10-06 11:30 | Read:171 | Comments:0 | Tags:Breaking News Hacking APFS Apple file system Kaychain

Securing smart grid and advanced metering infrastructure

The year is 2020, high economic, military and cultural tension between Russia & the US. You are at the London office, entering a video meeting with the sales team in America, the American team presents with enthusiasm the sales achievement of the recent quarter, then, suddenly the call is disconnected. You are trying to re-establish the connection with n
Publish At:2017-10-06 11:30 | Read:164 | Comments:0 | Tags:Breaking News Security critical infrastructure cyber securit

Zapad drills – Russia may have tested cyber weapons on Latvia

According to intelligence experts the recent Zapad drills conducted by Russia simulated an attack on all Baltic countries, it included the use of cyber weapons. Baltic and NATO officials claim Russia was behind outage in Latvia’s mobile communications network before Russia’s war games in September code-named Zapad. According to the expert, Russia may have te
Publish At:2017-10-06 11:30 | Read:115 | Comments:0 | Tags:Breaking News Cyber warfare Baltic region cyber weapon Hacki

IoT Hacking – Hacking a smart bulb – Part 1

We will be learning how to hack a smart bulb using Bluetooth. Since the topic is vast and lengthy, I have decided to split it into two parts. In the first part, we will learn the basics and theory on Bluetooth, and in the second part, we will see the actual exploitation.Let’s start.Our Aim – What we wish to do?We have a mobile application which c
Publish At:2017-10-06 10:00 | Read:141 | Comments:0 | Tags:Hacking

CVE-2017-12617 Code Execution flaw patched in Apache Tomcat

Several security vulnerabilities have been patched in recent weeks in Apache Tomcat, including the CVE-2017-12617 Code Execution vulnerability. Several security vulnerabilities have been patched in recent weeks in Apache Tomcat. The list of fixed flaws recently addressed also included code execution vulnerabilities. Apache Tomcat is the most widely used web
Publish At:2017-10-05 17:05 | Read:176 | Comments:0 | Tags:Breaking News Hacking Apache RCE Tomcat

Russian firm provides North Korea with second Internet route

Dyn Research discovered traffic coming from North Korea running over the Russian TransTeleCom network, this is the second internet route of the regime. North Korea gets a second Internet connection thanks to the support of a state-owned Russian firm. From the perspective of security analysts, this second connection will improve in a significant way the cyber
Publish At:2017-10-05 17:05 | Read:151 | Comments:0 | Tags:Breaking News Security DDoS Hacking North Korea Pyongyang

Experts discovered a SYSCON Backdoor using FTP Server as C&C

Security researchers with Trend Micro discovered a backdoor dubbed SYSCON that uses an FTP server for command and control (C&C) purposes. The SYSCON backdoor is spreading through tainted documents that refer North Korea and target individuals connected to the Red Cross and the World Health Organization. The use of an FTP server as C&C is uncommon fo
Publish At:2017-10-05 17:05 | Read:175 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware backdoor botnet Cy

Zero-Day flaws in 3 WordPress Plugins being exploited in the wild

Security experts at Wordfence reported that Zero-Day vulnerabilities in three different WordPress plugins have been exploited in the wild. Zero-day vulnerabilities in several WordPress plugins have been exploited by threat actors in the wild to hack vulnerable websites and deliver backdoors, the alarm was launched by security firm Wordfence. The attackers ha
Publish At:2017-10-04 22:40 | Read:127 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Cybercrime plugin Wordpres

A new Ethereum ICO was hacked, the victim is Etherparty

The Etherparty website is the last victim in order of time of a cyber attack involving an Ethereum ICO (Initial Coin Offering). Another hack involving an Ethereum ICO (Initial Coin Offering) made the headlines, the victim is the Etherparty website that sells tokens for a blockchain-based smart contract tool. The attackers replaced the legitimate address fo
Publish At:2017-10-04 22:40 | Read:124 | Comments:0 | Tags:Breaking News Cyber Crime Hacking cryptocurrency Cybercrime

Intezer researchers link CCleaner hack to Chinese APT17 hackers

Researchers from security firm Intezer speculate that the attack was powered by nation-state actor, likely the Chinese APT17 group. Security experts continue to investigate the recent attack against the supply chain of the popular software CCleaner. The hackers first compromised in July a CCleaner server, then exploited it to deliver a backdoored version of
Publish At:2017-10-04 22:40 | Read:506 | Comments:0 | Tags:APT Breaking News Hacking Malware APT17 CCleaner version 5.3

Which are most frequently blacklisted apps by enterprises?

Mobile security firm Appthority published an interesting report that revealed which Android and iOS applications are most frequently blacklisted by enterprises. The company Appthority has published an interesting report that reveals which mobile apps, both Android and iOS, are most frequently blacklisted by enterprises. “The mobile ecosystem in an ente
Publish At:2017-10-04 22:40 | Read:149 | Comments:0 | Tags:Breaking News Mobile Reports Security blacklisted apps BYOD

UK National Lottery knocked offline by a DDoS attack on Saturday

The UK National Lottery was knocked offline by a DDoS attack on Saturday, experts speculate the involvement of the dreaded Phantom Squad group. On Saturday, a DDoS attack knocked offline the UK National Lottery impeding Britons to buy the tickets on the www.national-lottery.co.uk website or through its associated app. According to DownDetector reports, thou
Publish At:2017-10-03 09:45 | Read:256 | Comments:0 | Tags:Breaking News Cyber Crime Hacking blackmail Cybercrime DDoS

Imperva Report Q2 2017- Over 75% of DDoS targets were hit multiple times

According to Imperva DDoS report, over 75% of targets were hit multiple times in Q2 2017, while the percentage was only 43.2% in the same period of 2016. Imperva published the Global DDoS Threat Landscape for Q2 2017, the report shows an increase in the amount of persistent application layer DDoS attack over a one-year period. According to Imperva, over 75%
Publish At:2017-10-03 09:45 | Read:194 | Comments:0 | Tags:Breaking News Hacking Reports botnet Cybercrime DDoS Q2 2017

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud