HackDig : Dig high-quality web security articles for hacker

A week in security (November 4 – November 10)

Last week on Malwarebytes Labs, we announced the launch of Malwarebytes 4.0, tackled data privacy legislation, and explored some of the ways robocalls come gunning for your data and your money. We also laid out the steps involved in popular vendor email compromise attacks. Other cybersecurity news Bug bounty bonanza: Rockstar Games open up their bounty prog
Publish At:2019-11-11 23:20 | Read:14 | Comments:0 | Tags:A week in security awis cyber facebook fake news hacking Mob

M6 Group, largest France private multimedia group, hit by ransomware attack

M6, one of France’s biggest TV channels, hit by ransomware Unlike The Weather Channel earlier this year, M6 remained on the air. The M6 Group, the largest France private multimedia group, was the victim of ransomware over the weekend. The systems at the M6 Group, France’s largest private multimedia group, were infected with the ransomwar
Publish At:2019-10-18 10:45 | Read:119 | Comments:0 | Tags:Breaking News Hacking hacking news information security news

Graboid the first-ever Cryptojacking worm that targets Docker Hub

Security experts at Palo Alto Networks discovered a worm dubbed Graboid that spreads using Docker containers. Palo Alto Networks researchers discovered a new Monero miner with wormable capabilities, dubbed Graboid, that spreads using Docker containers. Experts discovered that to target new systems, the Graboid worm periodically queries the C&C fo
Publish At:2019-10-18 10:45 | Read:89 | Comments:0 | Tags:Breaking News Malware Docker Hub Graboid Hacking information

International operation dismantled largest Dark Web Child abuse site

The United States Department of Justice announced the arrest of hundreds of criminals as part of a global operation against a dark web child abuse community. The US Department of Justice announced the arrest of hundreds of criminals as part of a global operation conducted against the crime community operating the largest dark web child porn site, ‘
Publish At:2019-10-18 10:45 | Read:207 | Comments:0 | Tags:Breaking News Cyber Crime Deep Web child abuse Dark Web Hack

Critical and high-severity flaws addressed in Cisco Aironet APs

A critical flaw in Aironet access points (APs) can be exploited by a remote attacker to gain unauthorized access to vulnerable devices. Cisco disclosed a critical vulnerability in Aironet access points (APs), tracked as CVE-2019-15260, that can be exploited by a remote, unauthenticated attacker to gain unauthorized access to vulnerable devices with elevat
Publish At:2019-10-18 10:45 | Read:163 | Comments:0 | Tags:Breaking News Hacking CISCO Cisco Aironet AP information sec

Researcher released PoC exploit code for CVE-2019-2215 Android zero-day flaw

A researcher has published a proof-of-concept (PoC) exploit code for the CVE-2019-2215 zero-day flaw in Android recently addressed by Google Earlier October, Google Project Zero researchers Maddie Stone publicly disclosed a zero-day vulnerability, tracked as CVE-2019-2215, in Android. According to the expert, the bug was allegedly being used or sold by
Publish At:2019-10-18 10:45 | Read:142 | Comments:0 | Tags:Breaking News Hacking Mobile CVE-2019-2215 hacking nres info

Trojanized Tor Browser targets shoppers of Darknet black marketplaces

A tainted version of the Tor Browser is targeting dark web market shoppers to steal their cryptocurrency and gather information on their browsing activity. A Trojanized version of the Tor Browser is targeting shoppers of black marketplaces in the dark web, threat actors aim to steal their cryptocurrency and gather information on their browsing activity.
Publish At:2019-10-18 10:45 | Read:173 | Comments:0 | Tags:Breaking News Cyber Crime Deep Web Hacking information secur

Hacking Is Not a Crime! Additional Thoughts from DEFCON 2019

In my previous post, I spoke about all of the different DEFCON villages where attendees can learn about and purchase all sorts of fun hacking/counter hacking tools. Even so, I covered only a small fraction of the activities at the conference. For example, attendees have the opportunity to participate in a lot of contests run over the weekend, including vario
Publish At:2019-10-18 10:10 | Read:229 | Comments:0 | Tags:Events Defcon hacking

15,000 webcams vulnerable to attack: how to protect against webcam hacking

Webcams may have been around for a long time, but that doesn’t mean we know what we’re doing with them. Webcam hacking has been around for equally as long, yet new research from Wizcase indicates that more than 15,000 private, web-connected cameras are exposed and readily accessible to the general public. So forget hacking, cybercriminals can just take a str
Publish At:2019-09-24 23:20 | Read:463 | Comments:0 | Tags:Hacking cam camera devices hackers hacking hub Internet of T

Hacking with AWS: incorporating leaky buckets into your OSINT workflow

Penetration testing is often conducted by security researchers to help organizations identify holes in their security and fix them, before cybercriminals have the chance. While there’s no malicious intent for the researcher, part of his job is to think and act like a cybercriminal would when hacking, or attempting to breach, an enterprise network. T
Publish At:2019-09-20 11:20 | Read:423 | Comments:0 | Tags:Researcher's corner amazon aws AWS buckets data hacking Inte

Your trust, our signature

Written and researched by Mark Bregman and Rindert Kramer Sending signed phishing emails Every organisation, whatever its size, will encounter phishing emails sooner or later. While the number of phishing attacks is increasing every day, the way in which phishing is used within a cyber-attack has not changed: an attacker comes up with a scenario which looks
Publish At:2019-09-19 23:30 | Read:305 | Comments:0 | Tags:audits Blog pentest Uncategorized email hacking phishing

Technical Rundown of WebExec

This is a technical rundown of a vulnerability that we've dubbed "WebExec". The summary is: a flaw in WebEx's WebexUpdateService allows anyone with a login to the Windows system where WebEx is installed to run SYSTEM-level code remotely. That's right: this client-side application that doesn't listen on any ports is actually vulnerable to remote code executio
Publish At:2019-09-19 17:55 | Read:354 | Comments:0 | Tags:Hacking NetBIOS/SMB Reverse Engineering

BSidesSF CTF author writeup: genius

Hey all, This is going to be an author's writeup of the BSidesSF 2019 CTF challenge: genius! genius is probably my favourite challenge from the year, and I'm thrilled that it was solved by 6 teams! It was inspired by a few other challenges I wrote in the past, including Nibbler. You can grab the sourcecode, solution, and everything needed to run it yourself
Publish At:2019-09-19 17:55 | Read:266 | Comments:0 | Tags:Conferences CTFs Hacking Reverse Engineering

Malware signed with stolen Digital code-signing certificates continues to bypass security software

A group of researchers demonstrated that malware signed with stolen Digital code-signing certificates continues to bypass security software. A recent study conducted by the Cyber Security Research Institute (CSRI) revealed that stolen digital code-signing certificates are available for sale for anyone to purchase on the dark web for up to $1,200. Digital cod
Publish At:2017-11-07 05:10 | Read:16163 | Comments:2 | Tags:Breaking News Cyber Crime Deep Web Hacking Malware Digital c

Paradise Papers were the result of the hack of external attackers

Most of the Paradise Papers came from offshore legal firm Appleby, which confirms the leak came from a hack on its network and no insiders were involved. The Paradise Papers is a collection of more than 13.4 million financial documents leaked online that has shed light on how major figures in the world of business, politics, entertainment, and sport move th
Publish At:2017-11-07 05:10 | Read:41935 | Comments:0 | Tags:Breaking News Data Breach Hacking Appleby data leak Panama P

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud