HackDig : Dig high-quality web security articles for hacker

DRA firm left 1.1 TB of data unsecured on an Amazon S3, 198 million US voter records exposed

The popular security expert Chris Vickery revealed the DRA firm left 1.1 TB of data unsecured on an Amazon S3, 198 million US voter records exposed. Researcher Chris Vickery has found nearly 200 million voter records in an unsecured Amazon S3 bucket maintained by Deep Root Analytics (DRA), it is the largest exposure of its kind in history. The records includ
Publish At:2017-06-19 11:00 | Read:130 | Comments:0 | Tags:Breaking News Data Breach Digital ID Chris Vickery data brea

Kasperagent malware used in a new campaign leveraging Palestine-Themed decoy files

Researchers uncovered a new cyber espionage campaign involving the Kasperagent spyware delivered with Palestine-Themed decoy files. In March, experts at security firm Qihoo 360 have spotted a cyber espionage campaign conducted by a threat actor tracked as APT-C-23 and Two-Tailed Scorpion. A few weeks later, in April, researchers at Palo Alto Networks and Cle
Publish At:2017-06-18 16:35 | Read:187 | Comments:0 | Tags:APT Breaking News Cyber warfare Hacking APT-C-23 Kasperagent

BAE Systems accused of selling mass surveillance software Evident across the Middle East

BC Arabic and the Danish newspaper Dagbladet accuse British BAE Systems of selling mass surveillance software called Evident across the Middle East. The British company BAE Systems has been selling mass surveillance software called Evident across the Middle East, the findings are the result of a year-long investigation by BBC Arabic and the Danish newspaper
Publish At:2017-06-18 16:35 | Read:168 | Comments:0 | Tags:Breaking News Digital ID Intelligence Security BAE Evident H

Facebook inadvertently revealed moderators’ identities to suspected terrorists

A bug in the software used by Facebook moderators to review inappropriate content resulted in the disclosure of identities of moderators to suspected terrorists. According to the Guardian, the social network giant Facebook put the safety of its content moderators at risk after inadvertently exposing their personal details to suspected terrorist users on the
Publish At:2017-06-18 16:35 | Read:162 | Comments:0 | Tags:Breaking News Digital ID Hacking Social Networks Terrorism F

Hacker pleaded guilty to stealing satellite data from US DoD

The British hacker Sean Caffrey, 25, from Sutton Coldfield pleaded guilty to stealing satellite data from US Department of Defense (DoD). The British hacker Sean Caffrey, 25, from Sutton Coldfield pleaded guilty to stealing user accounts from a U.S. military communications system. According to the NCA, the man admitted in the Birmingham Crown Court to steali
Publish At:2017-06-17 22:10 | Read:228 | Comments:0 | Tags:Breaking News Data Breach Hacking Laws and regulations data

With this PHP rootkit you can take over a server hiding it in PHP server modules

The Dutch developer Luke Paris has created a PHP rootkit that hides in PHP server modules, he also explained why it is more dangerous of classic rootkits. The Dutch developer Luke Paris has created a rootkit that hides in PHP server modules that could be used by attackers to take over web servers. While classic rootkits work on the lowest levels of the opera
Publish At:2017-06-17 22:10 | Read:361 | Comments:0 | Tags:Breaking News Hacking malware PHP rootkit rootkit

New Code-injecting SOREBRECT Fileless Ransomware detected in the wild

The number of fileless malware continues to increase, recently security researchers spotted a new Fileless Ransomware dubbed Sorebrect. Sorebrect is able to inject malicious code into a legitimate system process (svchost.exe) on a targeted system and it terminates its binary to evade detection. It also make hard forensics analysis by deleting the affected s
Publish At:2017-06-17 03:45 | Read:227 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware Cybercrime fileles

Nmap 7.50 released with many significant improvements

The Nmap project announced the release of Nmap 7.50, the first big release since last December that has hundreds of improvements. Nmap 7.50 is the new release of the popular the Network Mapper, the previous release dates back December 2016 and the new one brings hundreds of improvements. Nmap 7.50 includes the Npcap packet capturing driver and library for W
Publish At:2017-06-17 03:45 | Read:147 | Comments:0 | Tags:Breaking News Hacking Security network mapper Nmap 7.50

Big Data Discrimination

Introduced in 1997, the term “Big Data” has grown in popularity in the past years.Credit: IBM-Big-Data-Definitions by DigitalRalph / (CC BY 2.0)53% of HR departments include Big Data in their strategic decisions; 71% use it to facilitate the sourcing, recruitment or selection of candidates; and 61% employ it to manage talent and performance
Publish At:2017-06-17 02:15 | Read:235 | Comments:0 | Tags:Hacking

False Flag Attack on Multi Stage Delivery of Malware to Italian Organisations

Researchers at the security firm Yoroi have discovered a False Flag Attack on Multi-Stage Delivery of Malware to Italian Organisations. Everything started from a well edited Italian language email (given to me from a colleague of mine, thank you Luca!) reaching out many Italian companies. The Italian language email had a weird attachment: ordine_065.js (it w
Publish At:2017-06-16 09:20 | Read:185 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware

Rapid7 report millions of endpoints exposed via SMB, Telnet Ports

A study conducted by the security firm Rapid7 revealed that millions of devices remain exposed to cyber attacks via  SMB, Telnet, RDP, and other types of improper configurations. Rapid7 published the second report National Exposure Index that provides Internet service providers (ISPs) worldwide information about the global exposure of devices. The researche
Publish At:2017-06-16 09:20 | Read:196 | Comments:0 | Tags:Breaking News Hacking Internet of Things Reports botnet Inte

A New malware dubbed dvmap for android was found and removed from play store

Kaspersky Lab had discovered a new malware dubbed dvmap for Android was found and removed from the official Google Play store A New malware dubbed dvmap for Android was found and removed from the official Google Play store Kaspersky Lab had discovered the new malware that is capable of obtaining root access on Android devices and is capable of taking over th
Publish At:2017-06-16 09:20 | Read:190 | Comments:0 | Tags:Breaking News Malware Mobile Android DVMAP Hacking malware m

NAC-Hacking – Bypassing Network Access Control

Conducting internal network penetration tests is always fun. There are vulnerabilities that easily help me to get to “keys of the kingdom” i.e. domain admin. But I had hit a wall when a client refused to whitelist my device on their NAC. It was this time where I had to think out-of-the-box first get into the network and then eventually comp
Publish At:2017-06-16 07:50 | Read:171 | Comments:0 | Tags:Hacking

Troll 2 exploitation walkthrough

This write-up will walk you through an exploitation of Troll 2 a boot2root VM; the challenge is designed my Maleus. You can download the VM from the following link https://www.vulnhub.com/entry/tr0ll-2,107/Lab set up:Open VMware > Edit >” Virtual Network Editor.”Click on “Add Network” and add any 1 Network example VMnet02S
Publish At:2017-06-16 07:50 | Read:114 | Comments:0 | Tags:Hacking exploit

CashCrate Cash-for-Surveys Site breached, 6 Million accounts stolen

According to the data breach notification site LeakBase hackers have stolen 6 million accounts for the CashCrate Cash-for-Surveys Site. Another day another data breach, this time hackers have stolen 6 million accounts for CashCrate, a site where users can be paid to complete online surveys. The news was reported by Motherboard who obtained the database and c
Publish At:2017-06-15 14:55 | Read:124 | Comments:0 | Tags:Breaking News Cyber Crime Data Breach CashCrate data breach

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud