HackDig : Dig high-quality web security articles

New MacStealer macOS malware appears in the cybercrime underground

A new MacStealer macOS malware allows operators to steal iCloud Keychain data and passwords from infected systems. Uptycs researchers team discovered a new macOS information stealer, called MacStealer, which allows operators to steal iCloud Keychain data and passwords from infected systems. The macOS malware can steal documents, credit card data, cook
Publish At:2023-03-27 19:00 | Read:14329 | Comments:0 | Tags:Breaking News Malware Cybercrime Hacking hacking news inform

Apple fixes recently disclosed CVE-2023-23529 zero-day on older devices

Apple released updates to backport security patches that address actively exploited CVE-2023-23529 WebKit zero-day for older iPhones and iPads. Apple released security updates to backport patches that address an actively exploited zero-day flaw (CVE-2023-23529) for older iPhones and iPads. The CVE-2023-23529 flaw is a type confusion issue in WebKit tha
Publish At:2023-03-27 19:00 | Read:17232 | Comments:0 | Tags:Breaking News Hacking Security Apple CVE-2023-23529 hacking

Updates from the MaaS: new threats delivered through NullMixer

A technical analysis of NullMixer malware operation revealed Italy and France are the favorite European countries from the attackers’ perspective. Executive Summary Our insights into a recent NullMixer malware operation revealed Italy and France are the favorite European countries from the opportunistic attackers’ perspective. In thirty days, the o
Publish At:2023-03-27 12:18 | Read:18537 | Comments:0 | Tags:Breaking News Cyber Crime Malware Cybercrime Hacking hacking

Technical analysis of China-linked Earth Preta APT’s infection chain

China-linked Earth Preta cyberespionage group has been observed adopting new techniques to bypass security solutions. Trend Micro researchers reported that the China-linked Earth Preta group (aka Mustang Panda) is actively changing its tools, tactics, and procedures (TTPs) to bypass security solutions. Earth Preta, also known as “RedDelta” or “Bronze
Publish At:2023-03-27 08:56 | Read:23084 | Comments:0 | Tags:APT Breaking News Hacking Malware Earth Preta hacking news i

Malicious Python Package uses Unicode support to evade detection 

Researchers discovered a malicious package on PyPI that uses Unicode to evade detection while stealing sensitive data. Supply chain security firm Phylum discovered a malicious Python package on the Python Package Index (PyPI) repository that uses Unicode to evade detection and deliver information-stealing malware. The package, named onyxproxy, was uplo
Publish At:2023-03-27 04:22 | Read:28358 | Comments:0 | Tags:Breaking News Malware Hacking hacking news information secur

OpenAI: A Redis bug caused a recent ChatGPT data exposure incident

OpenAI revealed that a Redis bug was the root cause of the recent exposure of users’ personal information and chat titles in ChatGPT service. On Friday, OpenAI revealed that the recent exposure of users’ personal information and chat titles in its chatbot service was caused by a bug in the Redis open-source library. On March 20, 2023, sever
Publish At:2023-03-26 20:26 | Read:42723 | Comments:0 | Tags:Breaking News Data Breach data leak Hacking information secu

Security Affairs newsletter Round 412 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. NCA infiltrates the cybercriminal underground with fake DDoS-for-hire sitesPwn2Own Vancouver 2023 a
Publish At:2023-03-26 16:28 | Read:50304 | Comments:0 | Tags:Breaking News Security Hacking hacking news information secu

Microsoft shares guidance for investigating attacks exploiting CVE-2023-23397

Microsoft is warning of cyber attacks exploiting a recently patched Outlook vulnerability tracked as CVE-2023-23397 (CVSS score: 9.8). Microsoft published guidance for investigating attacks exploiting recently patched Outlook vulnerability tracked as CVE-2023-23397. The flaw is a Microsoft Outlook spoofing vulnerability that can lead to an authenticati
Publish At:2023-03-26 12:30 | Read:25835 | Comments:0 | Tags:APT Breaking News Hacking Security CVE-2023-23397 Cyberespio

Vice Society claims attack on Puerto Rico Aqueduct and Sewer Authority

Puerto Rico Aqueduct and Sewer Authority (PRASA) is investigating a cyber attack with the help of the FBI and US CISA. The Puerto Rico Aqueduct and Sewer Authority (PRASA) is investigating a cyberattack that last week hit the agency. The agency quickly activated the incident response procedure after the attack. The attack was disclosed on March 19, and
Publish At:2023-03-26 03:20 | Read:53577 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware Cybercrime data br

NCA infiltrates the cybercriminal underground with fake DDoS-for-hire sites

The U.K. National Crime Agency (NCA) revealed that it has set up a number of fake DDoS-for-hire sites to infiltrate the online criminal underground. The UK National Crime Agency announced it has infiltrated the online criminal marketplace by setting up several sites purporting to offer DDoS-for-hire services. DDoS-for-hire or ‘booter’ services allows r
Publish At:2023-03-25 20:38 | Read:40941 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Cybercrime DDoS DDoS-for-h

Pwn2Own Vancouver 2023 awarded $1,035,000 and a Tesla for 27 0-days

On the third day of the Pwn2Own Vancouver 2023 hacking contest, the organization awarded $185,000 for 10 zero-day exploits. Pwn2Own Vancouver 2023 is ended, contestants disclosed 27 unique zero-days and the organization awarded a total of $1,035,000 and a Tesla Model 3. The team Synacktiv (@Synacktiv) (Benoist-Vanderbeken, David Berard, Vincent Dehors, Ta
Publish At:2023-03-25 12:42 | Read:38791 | Comments:0 | Tags:Breaking News Hacking Security information security news IT

CISA announced the Pre-Ransomware Notifications initiative

The US Cybersecurity and Infrastructure Security Agency (CISA) announced the Pre-Ransomware Notifications service to help organizations stop ransomware attacks before damage occurs. The US Cybersecurity and Infrastructure Security Agency announced a new Pre-Ransomware Notification initiative that aims at alerting organizations of early-stage ransomware at
Publish At:2023-03-24 20:50 | Read:52772 | Comments:0 | Tags:Breaking News Malware Security CISA Cybercrime Hacking hacki

China-linked hackers target telecommunication providers in the Middle East

Researchers reported that China-linked hackers targeted telecommunication providers in the Middle East in the first quarter of 2023. In the first quarter of 2023, SentinelLabs researchers spotted the initial phases of attacks against telecommunication providers in the Middle East. According to the researchers, the activity is part of the Operation Soft
Publish At:2023-03-24 17:28 | Read:46066 | Comments:0 | Tags:APT Breaking News Hacking Intelligence Malware China hacking

City of Toronto is one of the victims hacked by Clop gang using GoAnywhere zero-day

Clop ransomware gang added the City of Toronto to the list of its victims, it is another organization compromised by exploiting GoAnywhere zero-day. Clop ransomware gang added the City of Toronto to the list of victims published on its Tor leak site. The City was targeted as part of a campaign exploiting the recently disclosed zero-day vulnerability
Publish At:2023-03-24 16:52 | Read:62039 | Comments:0 | Tags:Breaking News Cyber Crime Data Breach Hacking Malware City o

Critical flaw in WooCommerce Payments plugin allows site takeover

A patch for a critical vulnerability in the WooCommerce Payments plugin for WordPress has been released for over 500,000 websites. On March 23, 2023, researchers from Wordfence observed that the “WooCommerce Payments – Fully Integrated Solution Built and Supported by Woo” plugin had been updated to version 5.6.2. The WooCommerce Payments plugin is a f
Publish At:2023-03-24 11:40 | Read:55564 | Comments:0 | Tags:Breaking News Hacking Security information security news IT

Announce

Share high-quality web security related articles with you:)
Tell me why you support me <3

Tag Cloud