HackDig : Dig high-quality web security articles for hacker

Why Is Cyber Resilience Essential and Who’s Responsible for It?

In part one of this cyber resilience blog series, we discussed what it means to be a resilient organization. For part two, let’s discuss why organizations need to consider these challenges and who’s responsible for addressing them. Whilst asking why an organization may need to be resilient sounds a bit silly, I can say from experience that just because somet
Publish At:2020-02-20 03:05 | Read:87 | Comments:0 | Tags:IT Security and Data Protection business as usual cyber resi

Top Email Security Threats of 2020 – How To Stop Them

As hackers’ methods become more sophisticated, the scale of email security breaches and the frequency at which they occur grow greater with each passing year. In 2019 alone, an estimated 2 billion unique email addresses, accompanied by over 21 million unique passwords, were exposed within a single data breach. After the initial panic, it became clear that br
Publish At:2020-02-20 03:05 | Read:70 | Comments:0 | Tags:IT Security and Data Protection email security insider threa

CISA Disclosed Ransomware Attack at Natural Gas Compression Facility

The Cybersecurity and Infrastructure Security Agency (CISA) revealed that a natural gas compression facility suffered a ransomware attack.According to CISA Alert (AA20-049A), digital attackers leveraged a spearphishing link and abused the lack of robust network segmentation to infect Windows-based assets on both the IT and OT networks at a natural gas compre
Publish At:2020-02-19 08:08 | Read:48 | Comments:0 | Tags:IT Security and Data Protection Latest Security News CISA ga

AZORult Trojan Disguised Itself as Fake ProtonVPN Installer

Security researchers observed samples of the AZORult trojan disguising themselves as fake ProtonVPN installers for distribution.Back in November 2019, malicious actors launched this attack campaign by registering the domain “protonvpn[.]store” with a registrar based in Russia.One iteration of the campaign used malvertising as its initial infectio
Publish At:2020-02-18 09:23 | Read:134 | Comments:0 | Tags:Featured Articles IT Security and Data Protection Latest Sec

A Guide to Digital Privacy for You and Your Family

Having worked with many individuals responding to incidents where their digital private images were shared without consent, social media or email accounts had unauthorised access, and even physical safety was a concern, it is all too familiar how terrifying the unknown can be. As someone who has been on both the victim’s and later the responder’s side,
Publish At:2020-02-15 17:09 | Read:196 | Comments:0 | Tags:IT Security and Data Protection digital security password Pr

‘Ransomwared’ Ransomware Strain Demands Explicit Pictures as Payment

Security researchers spotted a new ransomware strain called “Ransomwared” demanding explicit pictures from its victims as a means of payment.Upon successful infection, Ransomwared runs its encryption routine, appending the file extensions “.ransomwared” and “.iwanttits” to each file it encrypts.Given the names of the file
Publish At:2020-02-15 17:09 | Read:141 | Comments:0 | Tags:IT Security and Data Protection Latest Security News prevent

Puerto Rico government falls for $2.6 million email scam

As if Puerto Rico wasn’t having a hard enough time as it attempts to recover from a recession, the damage caused by devastating hurricanes in recent years, and a damaging earthquake last month, it now finds itself being exploited by cybercriminals.According to media reports, the government of the US island territory has lost more than US $2.6 million a
Publish At:2020-02-15 17:09 | Read:232 | Comments:0 | Tags:Featured Articles IT Security and Data Protection business e

MOSE: Using Configuration Management for Offensive and Defensive Security

Post-exploitation can be one of the most time-consuming but worthwhile tasks that an offensive security professional engages in. Fundamentally, it is where you are able to demonstrate what an adversary may do if they compromise a business. A big component of this is trying to get as far as you can without alerting the defenders to what you’re doing. The best
Publish At:2020-02-15 17:09 | Read:135 | Comments:0 | Tags:IT Security and Data Protection BsidesSF DevOps MOSE

Payment Card Data Security Incident Disclosed by Rutter’s

Convenience store and gas station chain Rutter’s disclosed a security incident that might have affected customers’ payment card data.According to a notice posted on its website, Rutter’s launched an investigation after receiving a report from a third-party of someone having gained unauthorized access to its customers’ payment cards da
Publish At:2020-02-15 17:09 | Read:67 | Comments:0 | Tags:IT Security and Data Protection Latest Security News malware

Google Foiled Over 1.9B Malware Installs from Non-Play Sources in 2019

Google revealed that it blocked more than 1.9 billion installations of Android malware from non-Play Store sources over the course of 2019.On 11 February, Google revealed on the Android Developers Blog that it had succeeded in scanning billions of potential malware installations by creating a revamped Play Protect experience in 2019.This built-in malware pro
Publish At:2020-02-12 10:31 | Read:186 | Comments:0 | Tags:IT Security and Data Protection Latest Security News Android

New PayPal Phishing Email Scam Wants Your Social Security Number

Security researchers have spotted a new PayPal phishing email scam that tries to steal a victim’s Social Security Number (SSN), among other sensitive data.The attack email informed a victim that their PayPal account was locked, and it instructed them to click a “Secure and update my account now !” button. Doing so directed a user to a bit.l
Publish At:2020-02-11 08:42 | Read:202 | Comments:0 | Tags:IT Security and Data Protection Latest Security News Paypal

Cyber Resilience – Everything You (Really) Need to Know

What is cyber resilience? If you search the definition within the Oxford Dictionary, resilience alone is defined as “the capacity to recover quickly from difficulties; toughness.” If you narrow the definition down to cyber resilience, it shifts to maintaining vs recovery. As noted on Wikipedia, it becomes “the ability to provide and maintain an acceptable le
Publish At:2020-02-11 01:19 | Read:207 | Comments:0 | Tags:Featured Articles IT Security and Data Protection cyber resi

Data Privacy Event Disclosed by Affordable Preschool Provider

A San Diego-based provider of affordable preschool disclosed that a data privacy incident might have affected some customers’ personal information.In a notice of data breach published on February 5, Educational Enrichment Systems, Inc. (EES) announced that it had suffered a security incident involving an employee’s email account:On August 30, 201
Publish At:2020-02-10 10:33 | Read:128 | Comments:0 | Tags:IT Security and Data Protection Latest Security News data pr

Protecting Organizations from Customized Phishing Attacks

Phishing AttackA few years ago, I myself was vished, or ‘phished,’ over the phone. The caller was someone, likely offshore in a call center, who had done a little bit of research online to find my name, my phone number, my wireless phone carrier and a few other details that they used to build rapport with me on the phone. Spoofing the customer service phone
Publish At:2020-02-10 03:08 | Read:196 | Comments:0 | Tags:IT Security and Data Protection

NY Bills Would Ban Municipalities From Meeting Ransomware Demands

Two state senators from New York State introduced bills that would ban municipalities from meeting ransomware attackers’ demands.On January 14, 2020, NYS Senator Phil Boyle of the 4th Senate District proposed Senate Bill S7246.Senator Boyle along with his cosponsors Senator George M. Borrello of the 57th Senate District and Senator Sue Serino of the 41
Publish At:2020-02-09 10:22 | Read:58 | Comments:0 | Tags:IT Security and Data Protection Latest Security News New Yor

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud