HackDig : Dig high-quality web security articles for hacker

A Security Professional’s Cheat Sheet for the Holidays: Hacks, Breaches and More!

It’s the holiday season, and if you are an IT security professional like me, going home for the holidays often means you are the designated briefing correspondent on all things data breaches. This year, instead of trying to explain IT jargon to my friends and family, I decided to compile a list of 2016 breaches and security incidents that will be sure
Publish At:2016-12-23 00:40 | Read:934 | Comments:0 | Tags:Data Protection Identity & Access Data Breach Hacking hacks

Lessons From Recent Hacks: Creating Strong Passwords

Breaches involving stolen credentials don’t surprise anyone these days. Those of us in infosec know too well that it’s a thousand times easier for the bad guys to gain access to a network and fly under the radar with a stolen login—often obtained through social engineering—than it is to get through cyber defenses. From the bad actors’ perspective, why pick t
Publish At:2016-07-19 07:15 | Read:1851 | Comments:0 | Tags:Featured Articles Security Awareness Hacks passwords securit

Garbage in, garbage out: Why Ars ignored this week’s massive password breach

Earlier this week, mass panic ensued when a security firm reported the recovery of a whopping 272 million account credentials belonging to users of Gmail, Microsoft, Yahoo, and a variety of overseas services. "Big data breaches found at major email services" warned Reuters, the news service that broke the news. Within hours, other news services were running
Publish At:2016-05-07 03:10 | Read:758 | Comments:0 | Tags:Law & Disorder Risk Assessment Technology Lab breaches hacks

Comcast Home Security System Vulnerable to Attack

Update Comcast’s Xfinity Home Security System is vulnerable to attacks that interfere with its ability to detect and alert to home intrusions. Researchers at Rapid7 today disclosed the issue after fruitless attempts to contact and report the problem to Comcast dating back to Nov. 2; Rapid7 did disclose the vulnerability to CERT, which is expected to iss
Publish At:2016-01-06 03:20 | Read:1137 | Comments:0 | Tags:Critical Infrastructure Hacks Privacy base station Comcast C

Six Things to Watch for in 2016

Well, if you thought you had it rough in 2014 because of big, bad Poodles and an irritating case of Heartbleed, things only got worse this year. Rather than intrusions permeating our IT systems and stealing our data, attacks got a bit more personal in 2015. Not only were privacy and civil liberties put at risk by legislators pushing overbearing rules based o
Publish At:2015-12-31 20:45 | Read:1727 | Comments:0 | Tags:Hacks Malware Vulnerabilities Web Security apt car hacking h

Twitter Warns Some users of Nation-State Attacks

A relatively small number of Twitter users, including a few connected to security and privacy advocacy, have been informed that their accounts have been targeted by state-sponsored hackers. Notifications began appearing in the inboxes of affected users two days ago, with very little concrete information accompanying the warning. Twitter said in the notifica
Publish At:2015-12-14 12:50 | Read:1399 | Comments:0 | Tags:Government Hacks Privacy Web Security coldhak Runa Sandvik s

Internet Root Name Servers Survive Unusual DDoS Attack

An unusual DDoS amplification attack was carried out 10 days ago against many of the Internet’s 13 root name servers, the authoritative servers used to resolve IP addresses. The attacks happened on Nov. 30 and again on Dec. 1, and each time, massive volumes of traffic, peaking at five million queries per second, were fired at the servers. A note from th
Publish At:2015-12-10 00:20 | Read:864 | Comments:0 | Tags:Hacks Web Security BCP-38 DDoS DDoS Amplification attack DNS

China APT Gang Targets Hong Kong Media via Dropbox

An APT gang linked to China and alleged to be responsible for targeted attacks against foreign governments and ministries, has now pointed its focus inward at China’s autonomous territory Hong Kong. An August attack against several media companies in Hong Kong was carried out shortly after a high-profile controversy over an appointment at the prestigiou
Publish At:2015-12-01 17:25 | Read:872 | Comments:0 | Tags:Government Malware Web Security admin@338 advanced persisten

Lenovo Patches Vulnerabilities in System Update Service

Lenovo has patched two serious vulnerabilities that hackers could abuse in targeted attacks, or at scale, to easily guess administrator passwords on a compromised device, or elevate privileges to Windows SYSTEM user. The vulnerabilities were patched last Thursday by the manufacturer and details were disclosed Tuesday by researchers at IOActive, who privately
Publish At:2015-11-25 16:45 | Read:781 | Comments:0 | Tags:Hacks Vulnerabilities IOActive Lenovo System Update patch Le

FBI Warns Public Officials of Doxing Threat

The FBI has put law enforcement and high-profile public officials on notice that they could be targeted by hacktivists following the recent doxing of CIA director John Brennan by the hacktivism collective called Crackas With Attitude. Brennan’s AOL email account was taken over by a teen associated with the group who posed as a Verizon employee to steal
Publish At:2015-11-20 10:10 | Read:1029 | Comments:0 | Tags:Government Hacks Privacy Social Engineering CIA Director Cra

One BadBarcode Spoils Whole Bunch

Barcodes’ pervasiveness in retail, health care and other service industries notwithstanding, hackers really haven’t paid much attention to these tiny lines of data. But like other technologies supporting the so-called Internet of Things, there are bound to be vulnerabilities and there are bound to be white hats and black hats poking about. Case
Publish At:2015-11-13 15:50 | Read:925 | Comments:0 | Tags:Hacks Uncategorized Vulnerabilities Web Security BadBarcode

CSRF Flaw Patched in Popular Spring Social Core Library

A nasty cross-site request forgery vulnerability was patched Thursday in the Spring Social core library, one of the most pervasive Java application libraries. Spring Social facilitates social authentication between applications and online services, and the vulnerability allowed attackers to bypass authentication checks, impersonate users and take over social
Publish At:2015-11-13 15:50 | Read:1055 | Comments:0 | Tags:Hacks Privacy Vulnerabilities Cross-site request forgery CSR

Xen Patches 7-Year-Old VM Escape Hypervisor Vulnerability

The Xen Project, which oversees the open source Xen hypervisor, yesterday patched a seven-year-old vulnerability that allows an attacker to escape a guest virtual machine and attack the host operating system. The flaw is so bad that the developers of the Qubes OS Project, a security-heavy operating system whose protections rely on virtualization to compartmen
Publish At:2015-10-30 09:50 | Read:738 | Comments:0 | Tags:Cloud Security Hacks Virtualization Vulnerabilities Cloud Co

TalkTalk Hackers Demand Ransom from CEO

U.K. telecom TalkTalk, still reeling from a break-in reported last Wednesday, tried to cushion the blow over the weekend by telling those affected that the number of records stolen was smaller than originally thought. CEO Dido Harding said in a video update posted Sunday to the TalkTalk site that the Metropolitan Police Cyber Crime Unit investigation continue
Publish At:2015-10-26 15:40 | Read:1043 | Comments:0 | Tags:Hacks Privacy Vulnerabilities Web Security Bitcoin DDoS Dido

Novel NTP Attacks Roll Back Time

Sharon Goldberg remembers the cold February day when her Boston University PhD candidate Aanchal Malhotra was studying routing security, in particular, attacks against the resource public key infrastructure (RPKI)—and kept hitting a dead end because of a cache-flushing issue. The resourceful Malhotra decided to roll back the time on her computer as a last-dit
Publish At:2015-10-22 21:40 | Read:897 | Comments:0 | Tags:Cryptography Hacks Vulnerabilities Web Security Aanchal Malh
