HackDig : Dig high-quality web security articles

Operator’s Guide to the Meterpreter BOFLoader

1.1 Introduction: Recently, myself and a few friends decided to port my coworker Kevin Haubris’ COFFLoader project to Metasploit. This new BOFLoader extension allows Beacon Object Files (BOFs) to be used from a Meterpreter session. This addition unlocks many new possibilities for Meterpreter and, in my opinion, elevates
Publish At:2023-01-24 13:31 | Read:49536 | Comments:0 | Tags:Application Security Assessment Incident Response Incident R

Thoma Bravo to Buy Magnet Forensics in Billion-Dollar Deal

Thoma Bravo’s shopping spree in the cybersecurity lane is showing no signs of slowing down. The private equity giant has announced plans to spend $1.3 billion to acquire Canadian software firm Magnet Forensics, a deal that expands Thoma Bravo’s push into the lucrative cybersecurity category. Magnet Forensics, based in Waterloo, markets a suite of tools in the
Publish At:2023-01-23 18:28 | Read:57043 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response Tracking & Law Enf

T-Mobile Says Hackers Used API to Steal Data on 37 Million Accounts

Wireless carrier T-Mobile on Thursday fessed up to another massive data breach affecting approximately 37 million current postpaid and prepaid customer accounts. In a filing with the Securities and Exchange Commission (SEC), T-Mobile said that an unidentified malicious actor abused an API without authorization to access customer account data, including na
Publish At:2023-01-20 02:36 | Read:113660 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response hack

People, Process and Technology: The Incident Response Trifecta

Let’s say you are the CISO or IT security lead of your organization, and your incident response program needs an uplift. After making a compelling business case to management for investment, your budget has been approved and expanded. With your newfound wealth, you focus on acquiring technology that will improve your monitoring, detection and analysis
Publish At:2023-01-19 11:38 | Read:53840 | Comments:0 | Tags:Incident Response incident responder incident response tools

Self-Checkout This Discord C2

This post was made possible through the contributions of James Kainth, Joseph Lozowski, and Philip Pedersen. In November 2022, during an incident investigation involving a self-checkout point-of-sale (POS) system in Europe, IBM Security X-Force identified a novel technique employed by an attacker to introduce a command and control (C2) channel
Publish At:2023-01-17 15:36 | Read:96906 | Comments:0 | Tags:Software Vulnerabilities Application Security Endpoint Incid

Researchers: Brace for Zoho ManageEngine 'Spray and Pray' Attacks

Security researchers tracking a known pre-authentication remote code execution vulnerability in Zoho’s ManageEngine products are warning organizations to brace for “spray and pray” attacks across the internet. The vulnerability, patched by Zoho last November, affects multiple Zoho ManageEngine products and can be reached over the internet to launch code execu
Publish At:2023-01-16 18:28 | Read:124214 | Comments:0 | Tags:Disaster Recovery Endpoint Security Network Security NEWS &a

CircleCI Hacked via Malware on Employee Laptop

Software development service CircleCI has revealed that a recently disclosed data breach was the result of information stealer malware being deployed on an engineer’s laptop. The incident was initially disclosed on January 4, when CircleCI urged customers to rotate their secret keys. In an updated incident report on Friday, the company said that it was initial
Publish At:2023-01-16 10:32 | Read:204041 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response Cybercrime Management

Cyber Incident Hits UK Postal Service, Halts Overseas Mail

Britain’s postal service said it was hit Wednesday by a “cyber incident” that is temporarily preventing it from sending letters or parcels to other countries. Royal Mail reported on its website that international export services were “experiencing severe service disruption” without providing further details. “We are temporarily unable to dispatch items to over
Publish At:2023-01-11 18:28 | Read:79291 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response cyber

A LAPS(e) in Judgement

As security practitioners, we live in a time where there is an abundance of tools and solutions to help us secure our homes, organizations, and critical data. We know the dangers of unpatched applications and devices as well as the virtues of things like password managers and encrypted databases to protect our passwords and other sensitive information. Ho
Publish At:2023-01-10 13:31 | Read:85589 | Comments:0 | Tags:Active Directory Security Review Incident Response Incident

Microsoft Flags Ransomware Problems on Apple's macOS Platform

Security researchers at Microsoft are flagging ransomware attacks on Apple’s flagship macOS operating system, warning that financially motivated cybercriminals are abusing legitimate macOS functionalities to exploit vulnerabilities, evade defenses, or coerce users to infect their devices. In a blog post documenting its research into four known macOS ransomwar
Publish At:2023-01-09 18:28 | Read:98770 | Comments:0 | Tags:Cyberwarfare Disaster Recovery Endpoint Security Network Sec

FCC Proposes Tighter Data Breach Reporting Rules for Wireless Carriers

The Federal Communications Commission (FCC) is proposing tighter rules on the reporting of data breaches by wireless carriers. The updated rules, the FCC says, will fall in line with recent changes in federal and state laws regarding data breaches in other sectors. FCC chairwoman Jessica Rosenworcel initially shared the Notice of Proposed Rulemaking (NPRM) wit
Publish At:2023-01-09 10:32 | Read:119929 | Comments:0 | Tags:Mobile Security NEWS & INDUSTRY Incident Response Wirele

Rackspace Completes Investigation Into Ransomware Attack

Cloud company Rackspace has completed its investigation into the recent ransomware attack and found that the hackers did access some customer resources. The ransomware attack only hit Rackspace’s Hosted Exchange environment, which the company was forced to shut down as a result of the incident. In its last update, Rackspace said the cybercriminals accessed th
Publish At:2023-01-06 10:32 | Read:85301 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response Cybercrime Management

3 Reasons to Make EDR Part of Your Incident Response Plan

As threat actors grow in number, the frequency of attacks witnessed globally will continue to rise exponentially. The numerous cases headlining the news today demonstrate that no organization is immune from the risks of a breach. What is an Incident Response Plan? Incident response (IR) refers to an organization’s approach, processes and technologies
Publish At:2023-01-05 15:36 | Read:76792 | Comments:0 | Tags:Endpoint Incident Response endpoint detection endpoint detec

Predictions 2023: Big Tech’s Coming Security Shopping Spree

The SecurityWeek editorial team huddled over the holidays to look back at the stories that shaped 2022 and, more importantly, to stare into a shiny crystal ball to find the cybersecurity narratives that will dominate this year’s headlines. For the most part, not much will change. Organizations large and small will continue to acknowledge major data breaches,
Publish At:2023-01-05 14:30 | Read:78339 | Comments:0 | Tags:Cyberwarfare Endpoint Security Network Security NEWS & I

Outrageous Stories From Three Cyber Incident Responders

Working in cyber incident response can certainly make life interesting. Experiences typically run the gamut from exciting, dull, fun, repetitive and challenging. IBM Security commissioned a study from Morning Consult that surveyed over 1,100 cybersecurity incident responders across ten countries. Unsurprisingly, over two-thirds of respondents experienced da
Publish At:2022-12-30 11:38 | Read:162672 | Comments:0 | Tags:Incident Response Risk Management incident responder inciden
