HackDig : Dig high-quality web security articles

Google fixes the fourth Chrome zero-day in 2022

Google addressed a high-severity zero-day Chrome vulnerability actively exploited in the wild; it is the fourth zero-day patched in 2022. Google has released Chrome 103.0.5060.114 for Windows to fix a high-severity zero-day Chrome vulnerability, tracked as CVE-2022-2294, which is actively exploited in the wild. The flaw is a heap buffer overflow that r
Publish At:2022-07-04 17:32 | Read:101 | Comments:0 | Tags:Breaking News Hacking Security Chrome information security n

Popular Django web framework affected by a SQL Injection flaw. Upgrade it now!

The development team behind the Django Project has addressed a high-severity SQL Injection flaw in its framework. Django is a free and open-source, Python-based web framework that follows the model–template–views (MTV) architectural pattern. Django is maintained by the independent organization Django Software Foundation. The latest releases of the
Publish At:2022-07-04 11:10 | Read:53 | Comments:0 | Tags:Breaking News Security Django Hacking hacking news informati

Unfaithful HackerOne employee steals bug reports to claim additional bounties

Bug bounty platform HackerOne disclosed that a former employee improperly accessed security reports submitted to claim additional bounties. The vulnerability coordination and bug bounty platform HackerOne disclosed that a former employee improperly accessed security reports submitted by white-hat hackers to claim additional bounties. The investigation s
Publish At:2022-07-04 06:02 | Read:133 | Comments:0 | Tags:Breaking News Cyber Crime Security HackerOne Hacking hacking

Threat Report Portugal: Q2 2022

The Threat Report Portugal: Q2 2022 compiles data collected on the malicious campaigns that occurred from March to June, Q2, 2022. The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática. This feed is based on automat
Publish At:2022-07-04 05:26 | Read:118 | Comments:0 | Tags:Breaking News Reports Security Cybercrime hacking news infor

Tens of Jenkins plugins are affected by zero-day vulnerabilities

The Jenkins security team disclosed tens of flaws affecting 29 plugins for the Jenkins automation server; most of them are yet to be patched. Jenkins is the most popular open-source automation server; it is maintained by CloudBees and the Jenkins community. The automation server helps developers build, test and deploy their applications; it has hundreds of
Publish At:2022-07-03 17:32 | Read:164 | Comments:0 | Tags:Breaking News Hacking Security hacking news information secu

Microsoft: Raspberry Robin worm already infected hundreds of networks

Microsoft announced that the Windows worm Raspberry Robin has already infected the networks of hundreds of organizations. Raspberry Robin is a Windows worm discovered by cybersecurity researchers from Red Canary; the malware propagates through removable USB devices. The malicious code uses Windows Installer to reach out to QNAP-associated domains and d
Publish At:2022-07-03 14:10 | Read:74 | Comments:0 | Tags:Breaking News Malware Cybercrime Hacking hacking news inform

Security Affairs newsletter Round 372 by Pierluigi Paganini

A new round of the weekly Security Affairs newsletter has arrived! Every week the best security articles from Security Affairs for free in your email box. The role of Social Media in modern society – Social Media Day 22 interview; Experts shared PoC exploit code for RCE in Zoho ManageEngine ADAudit Plus tool; A ransomware attack forced publishing giant Macmillan
Publish At:2022-07-03 13:22 | Read:105 | Comments:0 | Tags:Breaking News Security hacking news information security new

Half of actively exploited zero-day issues in H1 2022 are variants of previous flaws

Google Project Zero states that in H1 2022 at least half of zero-day issues exploited in attacks were related to old flaws that were not properly fixed. Google Project Zero researcher Maddie Stone published a blog post that summarizes her talk at the FIRST conference in June 2022; the presentation is titled “0-day In-the-Wild Exploitation in 2022…so far”. S
Publish At:2022-07-03 10:00 | Read:144 | Comments:0 | Tags:Breaking News Security hacking news information security new

Experts shared PoC exploit code for RCE in Zoho ManageEngine ADAudit Plus tool

Researchers shared technical details and proof-of-concept exploit code for the CVE-2022-28219 flaw in the Zoho ManageEngine ADAudit Plus tool. Security researchers from Horizon3.ai have published technical details and proof-of-concept exploit code for a critical vulnerability, tracked as CVE-2022-28219 (CVSS 9.8 out of 10), in the Zoho ManageEngine ADAudit Pl
Publish At:2022-07-02 17:32 | Read:207 | Comments:0 | Tags:Breaking News Hacking CVE-2022-28219 hacking news informatio

The role of Social Media in modern society – Social Media Day 22 interview

This is a transcription of an interview I had at Iran International broadcaster; I discussed the role of social media in modern society. What’s the Middle East government’s role on Cyber bullying towards opposition activists? Middle East governments play a crucial role in cyberbullying against the opposition. Several independent organ
Publish At:2022-07-02 17:32 | Read:205 | Comments:0 | Tags:Breaking News Social Networks disinformation information sec

A ransomware attack forced publishing giant Macmillan to shut down its systems

A cyber attack forced the American publishing giant Macmillan to shut down its IT systems. The publishing giant Macmillan has been hit by a cyberattack that forced the company to shut down its IT infrastructure to prevent the threat from spreading within its network. The company spokesman Erin Coffey told different media outlets that at
Publish At:2022-07-02 01:28 | Read:229 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware Cybercrime informa

SessionManager Backdoor employed in attacks on Microsoft IIS servers worldwide

Researchers warn of a new ‘SessionManager’ Backdoor that was employed in attacks targeting Microsoft IIS Servers since March 2021. Researchers from Kaspersky Lab have discovered a new ‘SessionManager’ Backdoor that was employed in attacks targeting Microsoft IIS Servers since March 2021. “In early 2022, we investigated o
Publish At:2022-07-01 17:32 | Read:159 | Comments:0 | Tags:Breaking News Hacking Malware hacking news IIS information s

A long-running cryptomining campaign conducted by 8220 hackers now targets Linux servers

Microsoft spotted a cloud threat actor tracked as 8220 that is now targeting Linux servers in a long-running cryptomining campaign. Microsoft Security Intelligence experts are warning of a long-running campaign conducted by a cloud threat actor group, tracked as 8220, that is now targeting Linux servers to install crypto miners. “We observed nota
Publish At:2022-07-01 11:10 | Read:209 | Comments:0 | Tags:Breaking News Cyber Crime Digital ID Hacking Malware 8220 ha

Pro-Russian hackers launched a massive DDoS attack against Norway

Norway’s National Security Authority (NSM) confirmed that a DDoS attack took down some of the country’s most important websites. Norway’s National Security Authority (NSM) confirmed that some of the country’s most important websites and online services were taken down by a massive DDoS attack conducted by a pro-Russian group. NS
Publish At:2022-07-01 05:26 | Read:119 | Comments:0 | Tags:Breaking News Cyber warfare Hacking Cyber Spetsnaz DDoS hack

Experts blame North Korea-linked Lazarus APT for the Harmony hack

The North Korea-linked Lazarus APT group is suspected to be behind the recent hack of the Harmony Horizon Bridge. Recently, threat actors have stolen $100 million in cryptocurrency from the Blockchain company Harmony. The company reported the incident to the authorities; the FBI is investigating the cyber heist with the help of several cybersecurity firms.
Publish At:2022-06-30 14:10 | Read:130 | Comments:0 | Tags:APT Breaking News Digital ID Hacking hacking news informatio
