HackDig : Dig high-quality web security articles for hackers

SAP Patches Serious Code Injection, DoS Vulnerabilities

German software maker SAP has published 10 advisories to document flaws and fixes for a range of serious security vulnerabilities.SAP also published a total of 7 other updates for previously released security notes on this month’s Patch Day, for a total of 17 Notes. Five of these carry the highest severity rating of Hot News.Dealing with multiple vulnerabili
Publish At:2021-01-12 16:11 | Read:148 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Appli

Ubiquiti Tells Users to Change Passwords After Breach at Cloud Provider

American technology company Ubiquiti this week revealed that one of its third-party cloud providers suffered a data breach.Founded in 2005, the New York City-based company manufactures wired and wireless data communication products for both corporate and home users, including routers, security cameras, network video recorders, and other Internet of Things de
Publish At:2021-01-12 12:17 | Read:139 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response Cloud Security Data Pr

Intel Packs Ransomware Detection Directly Into vPro Platform

At the virtual Consumer Electronics Show (CES) on Monday, chipmaker Intel announced CPU-based ransomware detection capabilities has been fitted directly into the Intel vPro platform.  Increasingly targeting businesses, ransomware has become the most prominent threat to enterprises, requiring advanced solutions to keep their data and the data of the
Publish At:2021-01-12 12:17 | Read:188 | Comments:0 | Tags:Disaster Recovery Endpoint Security NEWS & INDUSTRY Appl

NSA Publishes Cybersecurity Year in Review Report

The United States National Security Agency (NSA) has released its 2020 Cybersecurity Year in Review report, which summarizes the NSA Cybersecurity Directorate's first full year of operation.The Cybersecurity Directorate was formally announced in July 2019, with a focus on protecting national security networks and the defense industrial base. Led by Ms. Anne
Publish At:2021-01-12 00:35 | Read:200 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response Risk Management securi

Decryptor Released for Ransomware That Allegedly Helped Cybercriminals Make Millions

Bitdefender on Monday announced the availability of a free tool that organizations can use to recover files encrypted by DarkSide, a piece of ransomware that cybercriminals claim helped them make millions.DarkSide is a ransomware-as-a-service (RaaS) offering that was first announced on cybercrime forums in August 2020. DarkSide operators have been making mon
Publish At:2021-01-11 16:47 | Read:138 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Incident Response Viru

United Nations Environment Programme Exposed 100,000 Employee Records

Security researchers with Sakura Samurai identified exposed GitHub credentials on a United Nations Environment Programme (UNEP) subdomain, which allowed them to access a trove of data, including more than 100,000 employee records.While researching security flaws in assets within the scope of The United Nations’ vulnerability disclosure program, the Sakura Sa
Publish At:2021-01-11 12:53 | Read:213 | Comments:0 | Tags:NEWS & INDUSTRY Privacy Incident Response Vulnerabilitie

Experts Weigh In on Cybersecurity Risks of Capitol-Like Attacks

Hundreds of protesters stormed the U.S. Capitol on Wednesday just as the House and Senate were certifying the election victory of Joe Biden. While much of the focus was on the physical destruction caused by the protesters, many people have pointed out that rioters gained access to computers in the Capitol, which in some cases were still turned on and logged
Publish At:2021-01-10 09:35 | Read:229 | Comments:0 | Tags:Disaster Recovery NEWS & INDUSTRY Incident Response Risk

Cybersecurity Ethics: Establishing a Code for Your SOC

Since security intersects so much with privacy, cybersecurity ethics decisions should be on your mind at work.  Being part of a high-performing computer security incident response team (CSIRT) or security operations center (SOC) involves making big, intentional decisions. Increasing the maturity of your team is more than dropping a bag of shiny n
Publish At:2021-01-08 19:41 | Read:166 | Comments:0 | Tags:Incident Response Risk Management Security Intelligence & An

NVIDIA Ships Patches for High-Severity Security Flaws

NVIDIA this week announced the release of software updates for its GPU display drivers and vGPU software, with fixes for a total of 16 vulnerabilities.A total of six security flaws were patched in the NVIDIA GPU display driver, all of them affecting the kernel mode layer. Three of the bugs impact Windows only, one affects only Linux systems, and two impact b
Publish At:2021-01-08 18:35 | Read:191 | Comments:0 | Tags:Disaster Recovery Network Security NEWS & INDUSTRY Incid

SolarWinds Taps Firm Started by Ex-CISA Chief Chris Krebs, Former Facebook CSO Alex Stamos

SolarWinds Hires New Cybersecurity Firm Founded by Former CISA Director Chris Krebs and Alex Stamos, Former Security Chief at Yahoo and FacebookFollowing a significant security incident that sent shockwaves through the global cybersecurity community, SolarWinds has hired a newly formed cybersecurity consulting firm founded by Chris Krebs, former director of
Publish At:2021-01-08 14:41 | Read:161 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response CISA CSO

Probe Launched Into Impact of SolarWinds Breach on Federal Courts

An investigation has been launched into the impact of the SolarWinds breach on the computer systems used by federal courts in the United States, which reportedly represented a target of interest to the hackers.The Administrative Office (AO) of the U.S. Courts said an investigation was launched in mid-December after the Cybersecurity and Infrastructure Securi
Publish At:2021-01-08 10:47 | Read:144 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response Data Protection Cyberc

U.S. Department of State Approves New Cyberspace Security Bureau

United States Secretary of State Mike Pompeo this week approved the creation of the Bureau of Cyberspace Security and Emerging Technologies (CSET).Initially announced in 2019, the CSET Bureau should help the U.S. and its allies better handle expanding foreign cyber-threats. It is also meant as a step toward organizing America’s cyberspace and emerging techno
Publish At:2021-01-08 10:47 | Read:127 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response Risk Management Securi

Red Hat Buys Container Security Firm StackRox

Red Hat on Thursday snapped up container and Kubernetes security startup StackRox, a deal that speeds up its ambitions in the enterprise cloud market.Financial terms of the deal were not announced.StackRox, based in Mountain View, Calif., raised about $65 million from a range of investors, including Menlo Ventures, Highland Capital Partners, Hewlett-Packard
Publish At:2021-01-07 23:05 | Read:197 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Incid

Perseverance. Pushing Security Operations Forward in 2021

We Have the Capabilities to Persevere and Reach the Next Level of Security MaturityFor obvious reasons, perseverance has been the theme for 2020 and will continue well into 2021. In the security industry it has been our watchword for decades, so in a sense this is nothing new. But how we have persevered has evolved through the years, and now we have the capa
Publish At:2021-01-07 15:17 | Read:136 | Comments:0 | Tags:INDUSTRY INSIGHTS Incident Response Security Infrastructure

Investigation Launched Into Role of JetBrains Product in SolarWinds Hack: Reports

Cybersecurity companies and U.S. intelligence agencies are investigating the possible role played by a product from JetBrains in the recently discovered SolarWinds hack, according to reports.The New York Times and Reuters reported on Wednesday that cybersecurity experts and government agencies are trying to determine whether the hackers that targeted SolarWi
Publish At:2021-01-07 08:45 | Read:129 | Comments:0 | Tags:Cyberwarfare NEWS & INDUSTRY Incident Response Cybercrim

Tools

Tag Cloud