HackDig : Dig high-quality web security articles

Researchers published PoC exploit code for actively exploited Windows elevation of privilege issue

Researchers published an exploit for an actively exploited Microsoft Windows vulnerability tracked as CVE-2023-29336. The Microsoft Windows vulnerability CVE-2023-29336 (CVSS score 7.8) is an elevation of privilege issue that resides in the Win32k component. Win32k.sys is a system driver file in the Windows operating system. The driver is responsible for
Publish At:2023-06-08 21:20 | Read:13651 | Comments:0 | Tags:Breaking News Hacking hacking news information security news

Experts detail a new Kimsuky social engineering campaign

North Korea-linked APT Kimsuky has been linked to a social engineering campaign aimed at experts in North Korean affairs. SentinelLabs researchers uncovered a social engineering campaign by the North Korea-linked APT group Kimsuky that is targeting experts in North Korean affairs. The attacks are part of a broader campaign recently detailed in a joint adv
Publish At:2023-06-08 15:25 | Read:23614 | Comments:0 | Tags:APT Breaking News Cyber warfare Intelligence Malware Hacking

German recruiter Pflegia leaks sensitive job seeker info

Pflegia, a German healthcare recruitment platform, has exposed hundreds of thousands of files with sensitive user data such as names, home addresses, and emails. Scouting for a new career can be stressful. Now imagine that, instead of a new role, you find that your resume data was exposed. That’s what job seekers using Pflegia’s services are dealing with.
Publish At:2023-06-08 11:27 | Read:26976 | Comments:0 | Tags:Breaking News Security data leak Hacking hacking news inform

Cisco fixes privilege escalation bug in Cisco Secure Client

Cisco addressed a high-severity flaw in Cisco Secure Client that can allow attackers to escalate privileges to the SYSTEM account. Cisco has fixed a high-severity vulnerability, tracked as CVE-2023-20178 (CVSS Score 7.8), found in Cisco Secure Client (formerly AnyConnect Secure Mobility Client) that can be exploited by low-privileged, authenticated, local
Publish At:2023-06-08 07:29 | Read:29769 | Comments:0 | Tags:Breaking News Security CISCO Hacking hacking news informatio

Barracuda ESG appliances impacted by CVE-2023-2868 must be immediately replaced

Barracuda warns customers to immediately replace Email Security Gateway (ESG) appliances impacted by the flaw CVE-2023-2868. At the end of May, the network security solutions provider Barracuda warned customers that some of its Email Security Gateway (ESG) appliances were recently breached by threat actors exploiting a now-patched zero-day vulnerability.
Publish At:2023-06-08 03:31 | Read:39711 | Comments:0 | Tags:Breaking News Hacking Security Barracuda hacking news inform

VMware fixes a command injection flaw CVE-2023-20887 in VMware Aria Operations for Networks

Virtualization giant VMware addressed critical and high-severity vulnerabilities in VMware Aria Operations for Networks. Virtualization technology giant VMware released security patches to address three critical and high-severity vulnerabilities, tracked as CVE-2023-20887, CVE-2023-20888, CVE-2023-20889, in VMware Aria Operations for Networks. VMware A
Publish At:2023-06-07 19:23 | Read:35993 | Comments:0 | Tags:Breaking News Security CVE-2023-20887 Hacking hacking news i

Clop ransomware gang claims the hack of hundreds of victims exploiting MOVEit Transfer bug

Clop ransomware group claims to have hacked hundreds of companies globally by exploiting MOVEit Transfer vulnerability. The Clop ransomware group may have compromised hundreds of companies worldwide by exploiting a vulnerability in MOVEit Transfer software. MOVEit Transfer is a managed file transfer that is used by enterprises to securely transfer fi
Publish At:2023-06-07 15:25 | Read:41443 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware clop ransomware Cy

June 2023 Security Update for Android fixed Arm Mali GPU bug used by spyware

June 2023 security update for Android released by Google fixes about fifty flaws, including an Arm Mali GPU bug exploited by surveillance firms in their spyware. The June 2023 Android Security Bulletin provides details about the fix for more than fifty vulnerabilities affecting Android devices. Security updates released this month also addressed a vul
Publish At:2023-06-07 11:27 | Read:28447 | Comments:0 | Tags:Breaking News Malware Mobile Security Android Hacking hackin

+60,000 Android apps spotted hiding adware for past six months

Bitdefender researchers have discovered 60,000 different Android apps secretly installing adware in the past six months. Bitdefender announced the discovery of more than 60,000 Android apps in the past six months that were spotted installing adware on Android devices. The researchers discovered the hidden adware by using a recently announced anomaly de
Publish At:2023-06-07 07:29 | Read:50288 | Comments:0 | Tags:Breaking News Cyber Crime Malware Mobile adware Android Cybe

New PowerDrop malware targets U.S. aerospace defense industry

A previously unknown threat actor has been observed targeting the U.S. aerospace defense sector with a new PowerShell malware dubbed PowerDrop. Researchers from the Adlumin Threat Research discovered a new malicious PowerShell script, dubbed PowerDrop, that was employed in attacks aimed at organizations in the U.S. aerospace sector. The PowerShell-base
Publish At:2023-06-07 07:29 | Read:64121 | Comments:0 | Tags:APT Hacking Malware aerospace sector hacking news informatio

Hackers stole around $35 million in Atomic Wallet security breach

Threat actors have stolen more than $35 million from the decentralized cryptocurrency wallet platform Atomic Wallet. Atomic Wallet is a multi-currency cryptocurrency wallet that allows users to securely store, manage, and exchange various digital assets in a single application. It is designed to provide a user-friendly interface and a comprehensive set of
Publish At:2023-06-06 15:25 | Read:60018 | Comments:0 | Tags:Breaking News Cyber Crime Digital ID Hacking Atomic Wallet h

Google fixed the third Chrome zero-day of 2023

Google released security updates to address a high-severity zero-day flaw in the Chrome web browser that it actively exploited in the wild. Google released security updates to address a high-severity vulnerability, tracked as CVE-2023-3079, in its Chrome web browser. The vulnerability is a type confusion issue that resides in the V8 JavaScript engine. The
Publish At:2023-06-06 11:27 | Read:36074 | Comments:0 | Tags:Breaking News Hacking Chrome Google TAG hacking news informa

Cyclops Ransomware group offers a multiplatform Info Stealer

Researchers from security firm Uptycs reported that threat actors linked to the Cyclops ransomware are offering a Go-based information stealer. The Cyclops group has developed multi-platform ransomware that can infect Windows, Linux, and macOS systems. In an unprecedented move, the group is also offering a separate information-stealer malware that can be
Publish At:2023-06-06 07:29 | Read:45177 | Comments:0 | Tags:Breaking News Cyber Crime Malware Cybercrime Cyclops ransomw

British Airways, BBC and Boots were impacted the by Zellis data breach

The BBC and British Airways were both impacted by the data breach suffered by the payroll provider Zellis. As a result of the cyber attack on the payroll provider Zellis, the personal data of employees at the BBC and British Airways has been compromised and exposed. “Zellis, a payroll company based in the UK, is understood to have been impacted b
Publish At:2023-06-06 03:31 | Read:39137 | Comments:0 | Tags:Breaking News Data Breach Hacking BBC British Airways data b

KeePass fixed the bug that allows the extraction of the cleartext master password

KeePass addressed the CVE-2023-32784 bug that allows the extraction of the cleartext master password from the memory of the client. KeePass has addressed the CVE-2023-32784 vulnerability, which allowed the retrieval of the clear-text master password from the client’s memory. KeePass is a free and open-source software used to securely manage pass
Publish At:2023-06-05 15:25 | Read:47057 | Comments:0 | Tags:Breaking News Security Hacking hacking news information secu


Share high-quality web security related articles with you:)
Tell me why you support me <3

Tag Cloud