HackDig : Dig high-quality web security articles for hacker

InfoTrax Settles With FTC Over Data Breach

Backend operation services provider InfoTrax Systems has reached a settlement with the U.S. Federal Trade Commission (FTC) over a data breach discovered in 2016, the agency announced this week.Utah-based InfoTrax provides multi-level marketers with a variety of services, including compensation, inventory, accounting, and training, as well as data security, i
Publish At:2019-11-15 10:15 | Read:77 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response Compliance Risk Manage

Value and Limitations of Vendor Telemetry and Reported Incidents

Threat statistics come from a variety of sources: reported incidents, vendor telemetry, internet traffic and dark web analysis. All have value, and all have limitations. Reported incidents form the basis of Verizon's Data Breach Investigations Report (DBIR) -- its limitation is that it cannot account for those incidents that contributors decline to repo
Publish At:2019-11-13 22:15 | Read:87 | Comments:0 | Tags:Disaster Recovery NEWS & INDUSTRY Incident Response

Navigating a Way Out of the Lion's Den Before, During, and After Incident Response

In my previous column, I offered tips on leveraging security metrics in order to stay out of the lion’s den. It goes without saying that it’s always best to avoid the lion’s den whenever possible. In fact, much of the security advice out there is centered around this philosophy.  But what should one do if they have no choice but to put themselves in the
Publish At:2019-11-13 22:15 | Read:83 | Comments:0 | Tags:INDUSTRY INSIGHTS Incident Response

Hosting Provider SmarterASP.NET Recovering From Ransomware Attack

ASP.NET hosting provider SmarterASP.NET is currently working on recovering customer data after being hit by a ransomware attack over the weekend.Operating since 1999, SmarterASP.NET has datacenters in the United States and Europe and serves over 440,000 customers worldwide.On Saturday, the company fell victim to a ransomware attack that resulted in its custo
Publish At:2019-11-12 10:15 | Read:128 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response Virus & Malware Ma

Incident Response Ransomware Series – Part 2

Opening In part one of this blog post series, we provided an introduction into what ransomware is and how it works. We also provided examples of different types of ransomware, variation of ransomware tactics, and identified that ransomware delivery is traditionally accompanied by other malware to assist in lateral movement and deployment. If you haven
Publish At:2019-11-12 02:50 | Read:68 | Comments:0 | Tags:Incident Response Incident Response & Forensics

Incident Response Ransomware Series – Part 3

So far in this series, we have looked at what ransomware is, what it does after it has compromised a system, and what organizations can do to detect and prevent ransomware. (Catch up with Part 1 & Part 2 before continuing!) However, that is only half the story. Organizations need to assume that they will be compromised with ransomware at some point and m
Publish At:2019-11-12 02:50 | Read:29 | Comments:0 | Tags:Incident Response Incident Response & Forensics

Data of ZoneAlarm Forum Users Leaked Following Breach

The forum dedicated to Check Point’s ZoneAlarm security product appears to have been breached and the details of the forum’s members have been leaked online.Check Point says its ZoneAlarm product has been used by nearly 100 million users worldwide, but the incident only appears to impact a few thousand users. The ZoneAlarm forum has roughly 4,500 members, bu
Publish At:2019-11-11 22:15 | Read:2 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response Vulnerabilities Data P

U.S. Fast-Food Chain Krystal Investigating Payment Card Breach

Krystal, a fast-food restaurant chain based in Atlanta, Georgia, informed customers recently that it has launched an investigation into a cybersecurity incident involving the payment processing systems used by some of its restaurants.The investigation is ongoing, but so far the company has determined that one of the payment processing systems it uses may hav
Publish At:2019-10-29 10:15 | Read:588 | Comments:0 | Tags:NEWS & INDUSTRY Fraud & Identity Theft Incident Resp

City of Johannesburg Refuses to Pay Ransom to Hackers

The South African city of Johannesburg says it will not pay the ransom demanded by hackers who recently breached its IT systems.The city of Johannesburg revealed on Friday, October 25, that its systems had been illegally accessed by hackers, which led to its official website and various services being taken offline. Impacted services include billing, propert
Publish At:2019-10-28 12:00 | Read:252 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Incident Response Cy

Incident Response Ransomware Series: Part 1

In this three-part blog post series, we will provide an introduction into what ransomware is, how it works, and how it spreads to systems within an organization. We will also provide examples of different types of ransomware and variation of ransomware tactics. In part two, we will go in-depth to understand the various attack vectors ransomware uses, as
Publish At:2019-10-28 08:40 | Read:93 | Comments:0 | Tags:Incident Response Incident Response & Forensics

DDoS Attack Hits Amazon Web Services

Amazon Web Services (AWS) customers experienced service interruptions yesterday as the company struggled to fight off a distributed denial-of-service (DDoS) attack.As part of such an assault, attackers attempt to flood the target with traffic, which would eventually result in the service being unreachable.While customers were complaining of their inability t
Publish At:2019-10-24 10:15 | Read:152 | Comments:0 | Tags:Network Security NEWS & INDUSTRY Incident Response Cloud

TorGuard, NordVPN Respond to Breach Reports

VPN providers TorGuard and NordVPN have responded to reports that their systems have been breached, and both blame the incident on a third-party service provider.Hackers have leaked private RSA keys and information on configuration files that were stolen from a NordVPN server last year.At least three private keys appear to have been stolen from the server, i
Publish At:2019-10-21 22:15 | Read:239 | Comments:0 | Tags:NEWS & INDUSTRY Privacy Incident Response Vulnerabilitie

Avast Discloses New Supply-Chain Attack Attempt

An unknown threat actor managed to access Avast’s network in yet another supply chain compromise attempt, the security company announced on Monday.Detected at the end of September, the intrusion involved the use of a temporary VPN profile that had been kept alive although it did not have two-factor authentication enabled. The attackers had been using the pro
Publish At:2019-10-21 10:15 | Read:200 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Incident Response Cy

The Day MegaCortex Ransomware Mayhem Was Averted

Averting cyberattacks planned out by aggressive threat actors is no easy feat for any organization, and much less for incident response (IR) teams who are usually called in after the attack has caused damage. IBM X-Force Incident Response and Intelligence Services (IRIS) analysts know this firsthand. The problem with this approach is that when an attack is a
Publish At:2019-10-18 10:20 | Read:135 | Comments:0 | Tags:Incident Response Malware Security Intelligence & Analytics

10 Reasons Your Organization Is Potentially at Risk of a Ransomware Attack

Does ransomware respect the holiday season? With ransomware attacks attempted every 14 seconds, it’s not likely attackers take any days off. The threat of ransomware keeps growing, and in Q1 2019, researchers noted a 118 percent rise in malware strains in this category. Behind these rising numbers are cybercrime syndicates that continue to push ransomw
Publish At:2019-10-18 10:20 | Read:158 | Comments:0 | Tags:Identity & Access Incident Response Threat Intelligence Cybe


Share high-quality web security related articles with you:)


Tag Cloud