HackDig : Dig high-quality web security articles for hacker

Ring makes 2FA mandatory to keep hackers out of your doorbell account

byLisa VaasLeery of losing microseconds of your life by using two-factor authentication (2FA) to keep your stuff safe from hackers?Alas for you, but hurray for security. Bit by bit, the Internet of Things (IoT) is getting a wee bit more secure: last week, Google announced that it would soon begin forcing users of its Nest gadgets to use 2FA, and this week, s
Publish At:2020-02-20 07:51 | Read:129 | Comments:0 | Tags:2-factor Authentication Amazon IoT Security threats 2FA cred

Hacking IoT devices with Focaccia-Board: A Multipurpose Breakout Board to hack hardware in a clean and easy way!

Go grab a copy of the Gerbers and 3D-printed Case STL files at https://github.com/whid-injector/Focaccia-Board and print through your favorite FAB. Prologue Even before the appearance of the word (I)IoT, I was breaking hardware devices, as many of you, with a multitude of debuggers (i.e. stlink, jlink, RS23–2-2USB, etc.). It was always a PITA
Publish At:2020-02-18 10:09 | Read:127 | Comments:0 | Tags:Hacking Internet of Things Focaccia Board hacking news IoT i

SweynTooth Bluetooth flaws affect devices from major system-on-a-chip (SoC) vendors

Security experts have discovered multiple flaws, dubbed SweynTooth, in the Bluetooth Low Energy (BLE) implementations of major system-on-a-chip (SoC) vendors. A group of researchers has discovered multiple vulnerabilities, tracked as SweynTooth, in the Bluetooth Low Energy (BLE) implementations of major system-on-a-chip (SoC) vendors. The group was co
Publish At:2020-02-15 17:31 | Read:55 | Comments:0 | Tags:Breaking News Hacking Internet of Things Bluetooth informati

DDoS attacks in Q4 2019

News overview In the past quarter, DDoS organizers continued to harness non-standard protocols for amplification attacks. In the wake of WS-Discovery, which we covered in the previous report, cybercriminals turned to Apple Remote Management Service (ARMS), part of the Apple Remote Desktop (ARD) application for remote administration. The first attacks using A
Publish At:2020-02-15 12:54 | Read:192 | Comments:0 | Tags:DDoS reports Featured Botnets DDoS-attacks DNS Amplification

OT attacks increased by over 2000 percent in 2019, IBM reports

According to IBM, OT attacks increased by over 2000 percent in 2019, most of them involved the Echobot IoT malware. IBM’s 2020 X-Force Threat Intelligence Index report analyzes the threat landscape in 2019, the experts observed a spike in the number of OT attacks. According to IBM X-Force, attacks targeting operational technology (OT) infrastructure in
Publish At:2020-02-11 12:45 | Read:159 | Comments:0 | Tags:Hacking Internet of Things Malware Reports Echobot informati

IoT devices at major Manufacturers infected with crypto-miner

Hackers have infected with a piece of malware some IoT devices running Windows 7 designed by three of the world’s largest manufacturers. Security experts from TrapX reported that some IoT devices running Windows 7 have been infected with a piece of malware, is it a supply chain attack? The experts reported that several IoT devices at some major manufa
Publish At:2020-02-09 10:43 | Read:258 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Internet of Things Malware

DDoS Attacks and IoT Exploits: New Activity from Momentum Botnet

by Aliakbar Zahravi  We recently found notable malware activity affecting devices running Linux, a platform that has battled numerous issues just this year. Further analysis of retrieved malware samples revealed that these actions were connected to a botnet called Momentum (named for the image found in its communication channel). We found new details on the
Publish At:2019-12-16 14:35 | Read:589 | Comments:0 | Tags:Botnets Exploits Internet of Things botnet IOT Momentum rout

The little-known ways mobile device sensors can be exploited by cybercriminals

The bevy of mobile device sensors in modern smartphones and tablets make them more akin to pocket-sized laboratories and media studios than mere communication devices. Cameras, microphones, accelerometers, and gyroscopes give incredible flexibility to app developers and utility to mobile device users. But the variety of inputs also give clever hackers new me
Publish At:2019-12-11 16:50 | Read:670 | Comments:0 | Tags:IoT accelerometer Android camera Google gyroscope Internet o

5G technology predictions 2020

Kaspersky Security Bulletin 2019. Advanced threat predictions for 2020 Cybersecurity of connected healthcare 2020: Overview and predictions Corporate security prediction 2020 Cyberthreats to financial institutions 2020: Overview and predictions It is estimated that data will reach 175 zettabytes worldwide by 2025, up from 1.2 zettabytes in 2010, when 4G wa
Publish At:2019-12-03 06:05 | Read:722 | Comments:0 | Tags:Kaspersky Security Bulletin Internet of Things Mobile securi

IT threat evolution Q3 2019

Targeted attacks and malware campaigns Mobile espionage targeting the Middle East At the end of June we reported the details of a highly targeted campaign that we dubbed ‘Operation ViceLeaker’ involving the spread of malicious Android samples via instant messaging. The campaign affected several dozen victims in Israel and Iran. We discovered this
Publish At:2019-11-30 13:05 | Read:912 | Comments:0 | Tags:Featured Malware reports Apple MacOS APT connected car Cyber

IT threat evolution Q3 2019. Statistics

These statistics are based on detection verdicts of Kaspersky products received from users who consented to provide statistical data. Quarterly figures According to Kaspersky Security Network: Kaspersky solutions blocked 989,432,403 attacks launched from online resources in 203 countries across the globe. 560,025,316 unique URLs were recognized as malicious
Publish At:2019-11-30 13:05 | Read:858 | Comments:0 | Tags:Featured Malware reports Apple MacOS Financial malware Inter

Operation ENDTRADE: Finding Multi-Stage Backdoors that TICK

By Joey Chen, Hiroyuki Kakara and Masaoki Shoji While we have been following cyberespionage group TICK (a.k.a. “BRONZE BUTLER” or “REDBALDKNIGHT”) since 2008, we noticed an unusual increase in malware development and deployments towards November 2018. We already know that the group uses previously deployed malware and modified tools for obfuscation, but we a
Publish At:2019-11-30 07:35 | Read:590 | Comments:0 | Tags:Bad Sites Exploits Internet of Things Malware Open source Sp

5G security and privacy for smart cities

The 5G telecommunications revolution is imminent. It is the next generation of cellular network, making use of the existing 4G LTE in addition to opening up the millimeter wave band. 5G will be able to welcome more network-connected devices and increase speeds considerably for users. It will serve as the foundation for advanced services, including: 8k strea
Publish At:2019-11-22 18:05 | Read:581 | Comments:0 | Tags:Publications Cyber espionage DDoS-attacks infrastructure Int

IoT bills and guidelines: a global response

You may not have noticed, but Internet of Things (IoT) rules and regulations are coming whether manufacturers want them or not. From experience, drafting up laws which are (hopefully) sensible and have some relevance to problems raised by current technology is a time-consuming, frustrating process. However, it’s not that long since we saw IoT devices go main
Publish At:2019-11-22 16:50 | Read:557 | Comments:0 | Tags:IoT Privacy Australia California internet Internet of Things

Kaspersky Security Bulletin 2019. Advanced threat predictions for 2020

Nothing is more difficult than making predictions. Rather than trying to gaze into a crystal ball, we will be making educated guesses based on what has happened during the last 12 months, to see where we can see trends that might be exploited in the near future. This is what we think might happen in the coming months, based on the knowledge of experts in thi
Publish At:2019-11-20 06:05 | Read:833 | Comments:0 | Tags:Featured Kaspersky Security Bulletin Data theft Electronic P

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud