HackDig : Dig high-quality web security articles for hackers

New MrbMiner malware infected thousands of MSSQL DBs

A threat actor is launching brute-force attacks on MSSQL servers in the attempt to access them to install a new crypto-mining malware dubbed MrbMiner. A group of hackers is launching brute-force attacks on MSSQL servers with the intent to compromise them and install crypto-mining malware dubbed MrbMiner. According to security firm Tencent, the team of
Publish At:2020-09-16 05:52 | Read:165 | Comments:0 | Tags:Breaking News Cyber Crime Hacking botnet crypto Cryptocurren

Microsoft open-sourced its Project OneFuzz fuzzing framework for Azure

Microsoft released the Project OneFuzz, an open-source fuzzing framework for its cloud computing service Azure. Microsoft this week announced the release of the Project OneFuzz which is an open-source fuzzing framework for its cloud computing service Azure. The project was previously used by the IT giant to find vulnerabilities in the popular service.
Publish At:2020-09-15 22:02 | Read:142 | Comments:0 | Tags:Breaking News Security Azure fuzzing Hacking information sec

Experts warn of surge in DDoS attacks targeting education institutions

Experts warn of a surge in the DDoS attacks against education institutions and the academic industry across the world. While the popularity of online learning is increasing due to the ongoing Coronavirus pandemic, threat actors are launching distributed denial-of-service (DDoS) on education institutions and the academic industry across the world. The
Publish At:2020-09-15 18:08 | Read:126 | Comments:1 | Tags:Breaking News Cyber Crime Hacking DDoS education institution

Out-of-band security update fixes Adobe Media Encoder issu

Adobe has released an out-of-band security update to address three ‘Important’ security vulnerabilities in the Adobe Media Encoder. Adobe has released an out-of-band security update for Adobe Media Encoder that addresses three ‘Important’ Information Disclosure flaws. The three vulnerabilities could be exploited by an attacker t
Publish At:2020-09-15 18:08 | Read:148 | Comments:0 | Tags:Breaking News Security Adobe Adobe Media Encoder Hacking sec

UK NCSC releases the Vulnerability Disclosure Toolkit

The British National Cyber Security Centre (NCSC) released a guideline, dubbed The Vulnerability Disclosure Toolkit, for the implementation of a vulnerability disclosure process. The UK National Cyber Security Centre (NCSC) has released a guideline, dubbed The Vulnerability Disclosure Toolkit, on how to implement a vulnerability disclosure process. The
Publish At:2020-09-15 10:18 | Read:101 | Comments:0 | Tags:Breaking News Hacking Laws and regulations Vulnerability

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

CISA published an advisory on China-linked groups targeting government agencies by exploiting flaws in Microsoft Exchange, Citrix, Pulse, and F5 systems. CISA published a security advisory warning of a wave of attacks carried out by China-linked APT groups affiliated with China’s Ministry of State Security. Chinese state-sponsored hackers have pr
Publish At:2020-09-15 06:24 | Read:95 | Comments:0 | Tags:APT Breaking News Cyber warfare Hacking Chinese hackers Citr

Thousands of Magento stores hacked in a few days in largest-ever skimming campaign

Thousands of Magento online stores have been hacked over the past few days as part of the largest ever skimming campaign. Security experts from cybersecurity firm Sansec reported that nearly 2,000 Magento online stores have been hacked over the past few days as part of the largest ever Magecart-style campaign. Most of the hacked sites were running Magento
Publish At:2020-09-14 18:20 | Read:125 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware exploit code infor

Staples discloses data breach exposing customer order data

Giant office retail company Staples disclosed a data breach, threat actors accessed some of its customers’ order data. Staples, the office retail giant, disclosed a data breach, it notified its customers that their order data have been accessed by threat actors without authorization. The office retail giant sent out a data breach notificatio
Publish At:2020-09-14 14:45 | Read:193 | Comments:0 | Tags:Breaking News Data Breach Hacking hacking news information s

Zerologon attack lets hackers to completely compromise a Windows domain

Zerologon attack allows threat actors to take over enterprise networks by exploiting the CVE-2020-1472 patched in the August 2020 Patch Tuesday. Administrators of enterprise Windows Servers have to install the August 2020 Patch Tuesday as soon as possible to protect their systems from Zerologon attack that exploits the CVE-2020-1472. The CVE-2020-1472
Publish At:2020-09-14 08:35 | Read:72 | Comments:0 | Tags:Breaking News Hacking domain controller hacking news informa

Popular Marketing Tool exposes data of users of dating sites

Personal details of hundreds of users of dating sites were exposed online earlier this month. An Elasticsearch server containing personal details of hundreds of thousands of dating site users were exposed online without authentication. The unsecured database was discovered by security researchers from vpnMentor at the end of August. “vpnMentor
Publish At:2020-09-14 06:56 | Read:73 | Comments:0 | Tags:Breaking News Data Breach Digital ID data breach data leak d

CIRWA Project tracks ransomware attacks on critical infrastructure

Researchers from Temple University have been tracking ransomware attacks on critical infrastructure all over the world. A team of researchers at Temple University in Philadelphia has presented a project named CIRWA (repository of critical infrastructure ransomware attacks) that aims at tracking ransomware attacks on critical infrastructure worldwide. T
Publish At:2020-09-14 03:01 | Read:175 | Comments:0 | Tags:Breaking News Malware Security CIRWA Project critical infras

Fairfax County Public Schools hit by Maze ransomware

Fairfax County Public Schools (FCPS), one of the largest school divisions in the US, was hit by Maze ransomware operators. Fairfax County Public Schools (FCPS) was victim of an attack carried out by the Maze ransomware operators. FCPS is one of the largest school districts in the US with an approved budget of $3.2 billion for 2021. The Fairfax Coun
Publish At:2020-09-13 15:17 | Read:220 | Comments:0 | Tags:Breaking News Cyber Crime Cybercrime Fairfax County Public S

Gaming hardware manufacturer Razer suffered a data leak

Gaming hardware manufacturer Razer suffered a data leak, an unsecured database managed by the company containing gamers’ info was exposed online. Gaming hardware manufacturer Razer has suffered a data leak, this is the discovery made by the security researcher Bob Diachenko. The expert discovered an unsecured database that exposed the information of
Publish At:2020-09-13 11:22 | Read:265 | Comments:0 | Tags:Breaking News Data Breach Hacking Razer data leak

Security Affairs newsletter Round 281

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Visa warns of new sophisticated credit card skimmer dubbed BakaWhatsApp discloses six previously undisclosed flawsChilean bank BancoEstado hit by REVil ransomwareEpic Manchego gang uses Excel docs that a
Publish At:2020-09-13 11:22 | Read:166 | Comments:0 | Tags:Breaking News Hacking hacking news information security news

Bank of Seychelles hit by a ransomware attack

The Development Bank of Seychelles (DBS) was hit by a ransomware attack disclose the Central Bank of Seychelles (CBS). The Central Bank of Seychelles (CBS) disclosed via a press statement that the Development Bank of Seychelles (DBS) was hit by a ransomware attack. DBS is a joint venture by the Seychelles government and some shareholders including Bank
Publish At:2020-09-12 15:49 | Read:190 | Comments:0 | Tags:Breaking News Cyber Crime Malware Hacking hacking news infor

Tools

Tag Cloud