HackDig : Dig high-quality web security articles

FBI warns swatting attacks on owners of smart devices

The Federal Bureau Investigation (FBI) is warning owners of smart home devices with voice and video capabilities of ‘swatting’ attacks. The FBI has recently issued an alert to warn owners of smart home devices with voice and video capabilities of so-called “swatting” attacks. Swatting attacks consist of hoax calls made to emergency services
Publish At:2021-01-02 11:48 | Read:1003 | Comments:0 | Tags:Breaking News Cyber Crime Internet of Things Security Hackin

Expert found a secret backdoor in Zyxel firewall and VPN

Zyxel addressed a critical flaw in its firmware, tracked as CVE-2020-29583, related to the presence of a hardcoded undocumented secret account. The Taiwanese vendor Zyxel has addressed a critical vulnerability in its firmware related to the presence of a hardcoded undocumented secret account. The vulnerability, tracked as CVE-2020-29583 received a CVSS sc
Publish At:2021-01-01 16:18 | Read:1168 | Comments:0 | Tags:Breaking News Hacking Internet of Things CVE-2020-29583 hack

Hacking Christmas Gifts: Artie Drawing Robot

If high-tech gadgets are on your holiday shopping list, it is worth taking a moment to think about the particular risks they may bring. Under the wrong circumstances, even an innocuous gift may introduce unexpected vulnerabilities. In this blog series, VERT will be looking at some of the Internet’s best-selling holiday gifts with an eye toward thei
Publish At:2020-12-23 13:32 | Read:438 | Comments:0 | Tags:Internet of Things IoT IoT security robot WiFi hack

Flaws in Medtronic MyCareLink can allow attackers to take over implanted cardiac devices

Experts reported flaws in Medtronic ’s MyCareLink Smart 25000 Patient Reader product that could be exploited to take control of a paired cardiac device. Experts from IoT security firm Sternum discovered vulnerabilities discovered in Medtronic’s MyCareLink Smart 25000 Patient Reader product that could be exploited to take control of a paired cardiac device
Publish At:2020-12-15 18:42 | Read:522 | Comments:0 | Tags:Breaking News Hacking Internet of Things hacking news inform

Kaspersky Security Bulletin 2020. Statistics

All statistics in this report are from the global cloud service Kaspersky Security Network (KSN), which receives information from components in our security solutions. The data was obtained from users who have given their consent to it being sent to KSN. Millions of Kaspersky users around the globe assist us in this endeavor to collect information about mali
Publish At:2020-12-15 06:20 | Read:612 | Comments:0 | Tags:Featured Kaspersky Security Bulletin Apple MacOS Financial m

QNAP fixed eight flaws that could allow NAS devices takeover

Network-attached storage (NAS) vendor QNAP addressed vulnerabilities that could enable attackers to take over unpatched NAS devices. The Taiwanese vendor QNAP has released security updates to fix eight vulnerabilities that could be exploited by attackers to over unpatched NAS devices. The list of vulnerabilities addressed by QNAP is available here, it
Publish At:2020-12-08 07:18 | Read:399 | Comments:0 | Tags:Breaking News Internet of Things Security Hacking hacking ne

Education predictions 2021

Changes in the education system have been brewing for a long time, with digitalization as the main direction of this transformation. The breakthrough came this year as about 1.5 billion students were unable to attend school due to the COVID-19 pandemic. As a result, educational systems all over the world underwent significant change. Educators were forced to
Publish At:2020-12-02 10:37 | Read:488 | Comments:0 | Tags:Featured Kaspersky Security Bulletin Cybercrime Internet of

Multi-Vector Miner+Tsunami Botnet with SSH Lateral Movement

Security researcher Tolijan Trajanovski (@tolisec) analyzed the multi-vector Miner+Tsunami Botnet that implements SSH lateral movement. A fellow security researcher, 0xrb, shared with me samples of a botnet that propagates using weblogic exploit. The botnet was also discovered by @BadPackets 5 days ago and it is still active as of now, December
Publish At:2020-12-02 07:00 | Read:584 | Comments:0 | Tags:Breaking News Internet of Things Malware botnet Hacking hack

IoT cybersecurity bill passed by Senate

Days before taking a week-long Thanksgiving recess, the US Senate passed an almost mundane cybersecurity bill that, if approved by the President, will improve security guidelines and protocols for Internet of Things (IoT) devices purchased and owned by the Federal government. The bill, called the Internet of Things Cybersecurity Improvement Act of 2020, w
Publish At:2020-11-25 13:36 | Read:621 | Comments:0 | Tags:Government Security world House of Representatives Internet

IT threat evolution Q3 2020. Non-mobile statistics

These statistics are based on detection verdicts of Kaspersky products received from users who consented to provide statistical data. Quarterly figures According to Kaspersky Security Network, in Q3: Kaspersky solutions blocked 1,416,295,227 attacks launched from online resources across the globe. 456,573,467 unique URLs were recognized as malicious by Web
Publish At:2020-11-20 07:18 | Read:531 | Comments:0 | Tags:Featured Malware reports Apple MacOS Financial malware Inter

IoT forecast: Running antivirus on your smart device?

In 2016, threat actors pulled off a basic but devastating botnet attack that harnessed the power of the Internet of Things (IoT). After gathering a list of 61 default username and password combinations for IoT devices, threat actors scanned the Internet for open Telnet ports and, when they found a vulnerable device, gained entry, eventually amassing an ar
Publish At:2020-11-19 17:12 | Read:660 | Comments:0 | Tags:Malwarebytes news antivirus DDos attack Internet of Things I

Adventures in MQTT Part II: Identifying MQTT Brokers in the Wild

The use of publicly accessible MQTT brokers is prevalent across numerous verticals and technology fields. I was able to identify systems related to energy production, hospitality, finance, healthcare, pharmaceutical manufacturing, building management, surveillance, workplace safety, vehicle fleet management, shipping, construction, natural resource managemen
Publish At:2020-11-19 02:44 | Read:713 | Comments:0 | Tags:Featured Articles Internet of Things IoT MQTT vulnerabilites

A week in security (November 9 – November 15)

Last week on Malwarebytes Labs, we reported on multiple patch releases: from Mozilla’s Firefox and Thunderbird to Google’s Chrome. We also had a chat with our resident experts, Adam Kujawa and John Donovan, about the future of IoT cybersecurity in our latest Lock and Code podcast episode. Lastly, we took a look at a new ransomware called RegretLo
Publish At:2020-11-16 15:06 | Read:577 | Comments:0 | Tags:A week in security amazon amazon scam android malware BBB Be

Lock and Code S1Ep19: Forecasting IoT cybersecurity with John Donovan and Adam Kujawa

This week on Lock and Code, we offer something special for listeners—a backstage pass to a cybersecurity training that we held for employees during Cybersecurity Awareness Month, which ended in October. The topic? The future of cybersecurity for the Internet of Things. Our guests, Chief Information Security Officer John Donovan and Security Evangelist
Publish At:2020-11-09 15:23 | Read:793 | Comments:0 | Tags:Podcast cybersecurity awareness month elections hacking hosp

DDoS attacks in Q3 2020

News overview Q3 was relatively calm from a DDoS perspective. There were no headline innovations, although cybercriminals did continue to master techniques and develop malware already familiar to us from the last reporting period. For example, another DDoS botnet joined in the assault on Docker environments. The perpetrators infiltrated the target server, cr
Publish At:2020-10-28 07:50 | Read:653 | Comments:0 | Tags:DDoS reports Featured Botnets Cybercrime DDoS-attacks Intern