HackDig : Dig high-quality web security articles for hackers

Hacking Christmas Gifts: Brushing with Bluetooth

If high-tech gadgets are on your holiday shopping list, it is worth taking a moment to think about the particular risks they may bring. Under the wrong circumstances, even an innocuous gift may introduce unexpected vulnerabilities. In this blog series, VERT will be looking at some of the Internet’s best-selling holiday gifts with an eye toward thei
Publish At:2021-02-18 02:44 | Read:176 | Comments:0 | Tags:Internet of Things bluetooth gift IoT security hack

Research Shows How Solar Energy Installations Can Be Abused by Hackers

Researchers at cybersecurity firm FireEye have analyzed a gateway device used for solar energy installations, and discovered vulnerabilities that could be useful to malicious hackers.The targeted device is the ConnectPort X2e made by Digi International, a US-based company that provides IT, networking and IoT solutions for industrial, enterprise and smart cit
Publish At:2021-02-17 14:05 | Read:188 | Comments:0 | Tags:NEWS & INDUSTRY Vulnerabilities IoT Security hack

OWASP IoT Top 10 Series: Weak or Hardcoded Password Policy OWASP

In the last blog we had explored OWASP IoT Top 10 vulnerabilities overview, now we will explore the impact of each of these OWASP vulnerabilities on IoT technologies and product development. And today we will explore the oldest and most common mistake which is a weak password configuration in these smart internet-connected devices. When it comes to findin
Publish At:2021-02-15 01:55 | Read:195 | Comments:0 | Tags:IoT Security Knowledge-base OWASP owasp IOT top 10 OWASP Top

Autonomous Vehicle Security Firm AUTOCRYPT Raises $15 Million

Autonomous vehicle security solutions provider AUTOCRYPT this week announced that it raised another $13 million in its Series A funding round, which brings the total secured in this round to roughly $15 million.The Seoul, South Korea-based firm aims to improve the safety of transportation through securing all of the connections a vehicle makes. The company p
Publish At:2021-02-11 13:47 | Read:234 | Comments:0 | Tags:NEWS & INDUSTRY Management & Strategy IoT Security s

IoT Security Firm Armis Raises $125 Million at $2 Billion Valuation

Enterprise IoT security company Armis on Wednesday announced another major funding round that brings its valuation to $2 billion.Armis said it raised $125 million in the latest round, which brings the total investment secured by the company to $300 million. The latest funding round was led by Brookfield Technology Partners, with participation
Publish At:2021-02-10 14:23 | Read:200 | Comments:0 | Tags:NEWS & INDUSTRY Management & Strategy IoT Security s

Virtual Event Today: IoT Lockdown - Join the Virtual Experience

SecurityWeek today will host IoT Lockdown, a virtual event where attendees can learn about innovative strategies and tools to mitigate the risk of Internet of Things (IoT) devices connected to enterprise networks, along with industrial and smart city environments.Register now and add to your calendar so you don't miss exclusive IoT security an
Publish At:2021-02-03 14:41 | Read:173 | Comments:0 | Tags:NEWS & INDUSTRY IoT Security

Pwn2Own 2021: Hackers Offered $200,000 for Zoom, Microsoft Teams Exploits

Trend Micro’s Zero Day Initiative (ZDI) on Tuesday announced the targets, prizes and rules for the Pwn2Own Vancouver 2021 hacking competition, a hybrid event scheduled to take place on April 6-8.Pwn2Own Vancouver typically takes place during the CanSecWest conference in Vancouver, Canada, but due to the coronavirus pandemic, this year’s event will be hybrid
Publish At:2021-01-27 07:11 | Read:285 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Appli

NAT Slipstreaming 2.0 Exposes Devices on Internal Networks to Remote Attacks

A newly devised variant of the NAT Slipstreaming attack can be leveraged to compromise any device on the local network, according to researchers at enterprise IoT security firm Armis.Detailed in late October 2020, the NAT Slipstreaming attack relies on tricking the victim into accessing a specially crafted website and exploits the browser on the device, alon
Publish At:2021-01-26 11:41 | Read:203 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Vulne

DNSpooq Flaws Expose Millions of Devices to DNS Cache Poisoning, Other Attacks

Researchers at Israel-based boutique cybersecurity consultancy JSOF this week disclosed the details of seven potentially serious DNS-related vulnerabilities that could expose millions of devices to various types of attacks.The vulnerabilities, collectively tracked as DNSpooq, impact Dnsmasq, a widely used piece of open source software designed to provide DNS
Publish At:2021-01-20 08:45 | Read:232 | Comments:0 | Tags:Network Security NEWS & INDUSTRY SCADA / ICS Risk Manage

For Attackers, Home is Where the Hideout Is

Remember the good ol’ days of playing hide-and-seek? It’s hard to forget the rush of finding the perfect hiding place. I remember crouching into a tiny ball behind the clothes hanging in my mother’s closet, or standing frozen like a statue behind the curtain of our living room window. While it was “just a game” when we were kid
Publish At:2021-01-19 20:53 | Read:226 | Comments:0 | Tags:Data Protection Network Data Breach Internet of Things (IoT)

Hundreds of Networks Still Host Devices Infected With VPNFilter Malware

The VPNFilter malware is still present in hundreds of networks and malicious actors could take control of the infected devices, according to researchers at cybersecurity firm Trend Micro.Identified in 2018 and mainly focusing on Ukraine, VPNFilter rose to fame quickly due to the targeting of a large number of routers and network-attached storage (NAS) device
Publish At:2021-01-19 15:53 | Read:125 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Virus & Malware

OWASP Top 10 Vulnerabilities IoT Security: Lack of Physical Hardening

With ever increases attack surfaces with IoT devices, physical hardening is also one of the important aspects of IoT Security. Many times these devices are being part of critical infrastructure and threat actors will desire to backdoor it abusing the OWASP top 10 vulnerabilities. There are a majority of ways in which an Iot device can be compromised and e
Publish At:2021-01-19 14:31 | Read:268 | Comments:0 | Tags:Cloud Security iOS Penetration Testing IoT Security News OWA

IoT Security Firm Vdoo Expands Series B Funding to $57 Million

New Funding Will Help IoT Device Security Firm Support Growing Demand from Telcos and Utilities Israeli IoT security start-up Vdoo announced on Wednesday that it has extended its Series B funding round to $57 million, bringing the total amount raised by the company to $70 million. The company previously announced its Series B round in April 2019 marked
Publish At:2021-01-13 15:35 | Read:199 | Comments:0 | Tags:IoT Security security

Ubiquiti breach, and other IoT security problems

Networking equipment manufacturer Ubiquiti sent out an email to warn users about a possible data breach. The email stated there had been unauthorized access to its IT systems that are hosted with a third-party cloud provider. Ubiquiti Networks sells networking devices and IoT devices. It did not specify which products were affected but pointed at UI.com,
Publish At:2021-01-12 16:00 | Read:305 | Comments:0 | Tags:IoT 2fa chastity belt IoT security passwords traffic lights

U.S. Releases Cybersecurity Plan for Maritime Sector

The U.S. government has released a plan with a list of top-priority items to mitigate threats and provide security to the crucial maritime sector.The National Maritime Cybersecurity Plan, which was made public (PDF) on Tuesday, highlights several priority actions to close maritime cybersecurity gaps and vulnerabilities over the next five years.The maritime s
Publish At:2021-01-05 20:23 | Read:274 | Comments:0 | Tags:Disaster Recovery NEWS & INDUSTRY Incident Response Comp

Tools

Tag Cloud