HackDig : Dig high-quality web security articles for hackers

Accounts of Reddit Moderators Hijacked in Pro-Trump Hack

Multiple Reddit moderator accounts have been compromised and abused to post pro-Trump messages on a variety of subreddits.The hackers appear to have targeted moderator accounts that did not have two-factor authentication (2FA) enabled, and leveraged their rights to modify subreddits or even remove moderator accounts that had fewer rights.“There is an ongoing
Publish At:2020-08-10 08:50 | Read:111 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Incident Response Ma

Capital One Fined $80 Million in Data Breach

The U.S. Treasury Department has fined Capital One $80 million for careless network security practices that enabled a hack that accessed the personal information of 106 million of the bank’s credit card holders.The Comptroller of the Currency said in a consent order Thursday that Capital One failed in 2105 to establish effective risk management when it migra
Publish At:2020-08-07 07:55 | Read:95 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response Data Protection Cyberc

Twitter Says Android App Vulnerability Exposed Direct Messages

Twitter informed customers on Wednesday that a vulnerability in its Android app could have been exploited by malicious applications to access private data.According to the social media giant, the flaw is related to a vulnerability that affects Android 8 and 9, which Google patched in October 2018.“Our understanding is 96% of people using Twitter for Android
Publish At:2020-08-06 08:48 | Read:100 | Comments:0 | Tags:Mobile Security NEWS & INDUSTRY Incident Response Vulner

Colorado City Pays $45,000 Ransom After Cyber-Attack

Lafayette, Colorado, officials announced Tuesday the city’s computer systems were hacked and they were forced to pay a ransom to regain access.Lafayette officials said hackers disabled the city’s network services and blocked its access until the city paid a $45,000 fee, the Daily Camera reported.The attack caused city emails, phones, online payments and rese
Publish At:2020-08-05 13:30 | Read:88 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Incident Response Vi

BootHole Patches Causing Many Systems to Become Unbootable

It appears that the patches released for Linux distributions in response to the GRUB2 bootloader vulnerability are causing problems for many users, making their systems unbootable.The flaw, tracked as BootHole and CVE-2020-10713, impacts PCs, servers and other devices running Linux and Windows if they use Secure Boot. An attacker with admin privileges on the
Publish At:2020-07-31 12:20 | Read:98 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Incident Response Vuln

Twitter Employees Targeted With Phone Spear-Phishing in Recent Attack

Twitter on Thursday revealed that several employees were targeted with phone spear-phishing in a social engineering attack leading to the recent security incident.A total of 130 accounts were targeted in the incident, with hackers abusing internal Twitter systems and tools to reset the passwords for 45 of them. The attackers also accessed the DM inbox of 36
Publish At:2020-07-31 09:57 | Read:102 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response Phishing Cybercrime Ma

Red Hat's BootHole Patches Cause Systems to Hang

Red Hat has told customers not to install the package updates released in response to the recently disclosed BootHole vulnerability after users reported that their systems hung after applying the updates.Firmware security company Eclypsium revealed this week that billions of PCs, workstations, servers and other devices running Windows and Linux are affected
Publish At:2020-07-31 06:06 | Read:126 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response Vulnerabilities Manage

Money is Everywhere, Should We Think More Like Banks?

Other Industries Should Look to Intelligence Teams in the Financial Sector for Guidance and Lessons LearnedWhy do thieves rob banks? Because, that’s where the money is. Whether this question was actually asked to the infamous bank robber Willie Sutton is debatable, but it’s well documented that for centuries, thieves have targeted financial institutions.In t
Publish At:2020-07-29 07:46 | Read:159 | Comments:0 | Tags:INDUSTRY INSIGHTS Incident Response Risk Management

Garmin Says Systems Back Online After Cyber Attack

Computer networks of the smartwatch and electronics firm Garmin were coming back online Monday, the company said, after an outage widely believed to have been due to a ransomware attack. The company acknowledged it was the victim of a "cyber attack that encrypted some of our systems," without offering details. The comments suggest a ransomware attack which
Publish At:2020-07-27 17:10 | Read:134 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response Malware Cybercrime

Garmin Outage Raises Fear of Ransomware Attack

Computer networks of smartwatch and electronics firm Garmin were offline Friday in an incident which raised concerns of a ransomware attack affecting both its aviation and fitness app services. The company said on Twitter its website and Garmin Connect fitness app had been offline since Thursday. It said the "flyGarmin" site used for aviation databases was
Publish At:2020-07-24 15:48 | Read:114 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response Malware Cybercrime

Twitter Says Hackers Accessed Dutch Politician's Inbox

Twitter says an elected Dutch official was among 36 account holders whose direct message inboxes were accessed in a recent high-profile hack.The politician, anti-Islam lawmaker Geert Wilders, said Thursday that he was informed by Twitter that his account was compromised by a hacker, who posted tweets on his account and sent false direct messages, or DMs, in
Publish At:2020-07-24 11:56 | Read:134 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Fraud & Identity

Website Security Breach Exposes 1 Million DNA Profiles

A genealogy website used to catch one of California’s most wanted serial killers remained shut down Thursday after a security breach exposed the DNA profiles of more than a million people to law enforcement agencies.GEDmatch said in a message emailed to members and posted Wednesday on its Facebook page that on Sunday a “sophisticated attack” on their servers
Publish At:2020-07-24 08:05 | Read:138 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response Cybercrime Management

Twitter Says Hackers Accessed DM Inboxes in Recent Attack

Twitter on Wednesday revealed that attackers accessed the direct message (DM) inboxes of some of the accounts that were compromised in last week’s security incident.The attack took place on July 15 and involved the abuse of internal Twitter systems and tools to gain access to high-profile accounts such as those of Jeff Bezos, Mike Bloomberg, Bill Gates, or E
Publish At:2020-07-23 08:55 | Read:54 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response Cybercrime Management

Securing Travel and Transportation Operations

Transportation networks are foundational to our modern way of life. The current restrictions on global movement and the corresponding reduction in demand for travel and transportation services, while profound, are temporary. Forecasting future demand and capacity requirements is nearly impossible. But, the travel and transportation industries are part of the
Publish At:2020-07-22 10:51 | Read:126 | Comments:0 | Tags:Incident Response Network Security Services Advanced Threat

DeepSource Says Hackers Compromised Its GitHub Application

Automated code review tool provider DeepSource this week announced that it reset tokens, secrets, private keys, and employee credentials after being informed that its GitHub application was compromised.Designed to help developers identify security flaws, bug risks, and performance issues during code review, DeepSource also provides integration with GitHub to
Publish At:2020-07-22 09:45 | Read:127 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response Phishing Cybercrime Ma

Tools

Tag Cloud