HackDig : Dig high-quality web security articles for hacker

Tupperware Website Compromised with Credit Card Skimmer

Digital attackers compromised the website of kitchen and household products manufacturer Tupperware with a credit card skimmer.On March 20, researchers at Malwarebytes observed that attackers had compromised tupperware[.]com by hiding malicious code within an image file. This code activated when a user attempted to check out and complete their purchase on Tu
Publish At:2020-03-27 09:26 | Read:146 | Comments:0 | Tags:IT Security and Data Protection Latest Security News credit

Industrial Entities in Middle East Targeted by WildPressure APT Operation

A newly detected advanced persistent threat (APT) operation called “WildPressure” targeted industrial organizations and other entities in the Middle East.Researchers at Kaspersky Lab observed WildPressue distributing samples of a fully operation trojan written in C++ called “Milum.” With timestamps dating back to March 2019, these sam
Publish At:2020-03-26 10:40 | Read:129 | Comments:0 | Tags:ICS Security Latest Security News Middle East Milum WildPres

Food Delivery Website in Germany Targeted by DDoS Attackers

Malicious individuals targeted a food delivery website located in Germany with a distributed denial-of-service (DDoS) attack.Jitse Groen, founder and CEO of the Germany-based food delivery service Takeaway (Lieferando.de), announced on March 18 that his company had suffered a DDoS attack.A #ddos attack on a food delivery website @takeaway in the middle of a
Publish At:2020-03-19 07:59 | Read:133 | Comments:0 | Tags:IT Security and Data Protection Latest Security News DDoS Ge

Nefilim Ransomware Threatens to Release Victims’ Data within a Week

A newly discovered ransomware family called “Nefilim” told its victims that it would publish their stolen data within a week unless they paid their ransom.According to Bleeping Computer, Nefilim started up near the end of February 2020. The threat attracted the attention of security researchers because it shared much of the same code with version
Publish At:2020-03-18 13:01 | Read:124 | Comments:0 | Tags:IT Security and Data Protection Latest Security News Nefilim

Cloudflare Worker Employed as C&C Server by BlackWater Malware

Security researchers spotted BlackWater malware leveraging a Cloudflare Worker for command-and-control (C&C) functionality.MalwareHunterTeam observed that the threat activity began with an RAR file called “Important – COVID-19.rar.” The file pretended to contain important information about the global COVID-19 outbreak, an event which ot
Publish At:2020-03-16 07:55 | Read:313 | Comments:0 | Tags:IT Security and Data Protection Latest Security News BlackWa

Illinois Public Health Dept’s Website Went Down After NetWalker Attack

The website for a public health department in Illinois went down after the agency suffered a NetWalker ransomware attack.According to local media reports, officials at the Champaign-Urbana Public Health District (C-UPHD) became aware of the ransomware attack on March 10 when the department’s website went down.It took the agency, which serves 210,000 pe
Publish At:2020-03-13 11:37 | Read:216 | Comments:0 | Tags:IT Security and Data Protection Latest Security News Coronav

Spam Campaign Leverages IQY Files to Distribute Paradise Ransomware

Security researchers detected a spam campaign leveraging Internet Query (IQY) files in an attempt to distribute Paradise ransomware.Lastline observed that the campaign began by trying to trick users into opening an IQY file, an Excel-readable text file which downloads data from the web. As such, this file retrieved a malicious Excel formula from the attacker
Publish At:2020-03-11 08:38 | Read:214 | Comments:0 | Tags:IT Security and Data Protection Latest Security News IQY Par

Chatbot Used by Phishing Scammers to Help Victims Provide Their Data

Digital fraudsters incorporated a chatbot into their phishing scam for the purpose of helping victims hand over their personal information.In a scam discovered by MalwareHunterTeam and shared with Bleeping Computer, digital attackers targeted Russian users with fake refunds of 159,700 rubles ($2,100) for unused web and phone services.The campaign stood out t
Publish At:2020-03-10 09:52 | Read:243 | Comments:0 | Tags:IT Security and Data Protection Latest Security News chatbot

Facebook Sued by OAIC for Allegedly Violating Over 300K Aussies’ Privacy

The Office of Australian Information Commissioner (OAIC) filed a lawsuit alleging that Facebook violated the privacy of over 300,000 of its Australian users.On March 9, OAIC announced that it had submitted court documents against Facebook. In those materials, it argued that Facebook had improperly protected 311,127 of its Australian users against “This
Publish At:2020-03-09 11:06 | Read:169 | Comments:0 | Tags:IT Security and Data Protection Latest Security News Faceboo

Expired Certificates Used as Disguise to Spread Buerak, Mokes Malware

Researchers observed digital attackers employing expired security certificates as a disguise to distribute the Buerak downloader and Mokes malware.Kaspersky Lab learned of a new attack method in which malicious actors leveraged infected websites to warn visitors of an expired security certificate. The Russian security firm traced the first instances of these
Publish At:2020-03-06 11:02 | Read:222 | Comments:0 | Tags:IT Security and Data Protection Latest Security News Buerak

Let’s Encrypt Says It Will Revoke 3M Certificates Due to Software Bug

Non-profit certificate authority (CA) Let’s Encrypt announced it will revoke more than three million digital certificates due to a software bug.On March 3, Let’s Encrypt revealed its plan to revoke 3,048,289 currently-valid certificates. That figure represented approximately 2.6% of the CA’s approximately 116 million active certificates at
Publish At:2020-03-04 09:42 | Read:153 | Comments:0 | Tags:IT Security and Data Protection Latest Security News Bug cer

PwndLocker Ransomware Targeting Municipalities, Enterprise Networks

Security researchers discovered a new ransomware family called “PwndLocker” targeting municipalities and enterprise networks.Bleeping Computer learned that PwndLocker has been active since late 2019 and has targeted a variety of U.S. cities and organizations in that span of time.According to one source of the computer self-help site, the new rans
Publish At:2020-03-03 09:30 | Read:131 | Comments:0 | Tags:IT Security and Data Protection Latest Security News PwnedLo

Walgreens Disclosed Data Security Incident Involving Its Mobile App

Pharmacy store chain operator Walgreens notified some of its customers of a data security incident involving its mobile app.According to a sample notification letter sent to Office of the Attorney General of California, Walgreens detected an error involving its app’s secure personal messaging feature on January 15, 2020.The pharmacy store chain operato
Publish At:2020-03-02 08:23 | Read:218 | Comments:0 | Tags:IT Security and Data Protection Latest Security News mobile

More Than 140GB of Data Exposed by Israeli Marketing Company

An Israeli marketing company exposed more than 140GB of data by mishandling the credentials for an Elasticsearch database.A San Diego-based DevOps engineer who uses the Twitter handle 0m3n detected the disclosure after they grew tired of receiving text messages from “random phone numbers with similar messages containing links to gibberish domains.̶
Publish At:2020-02-28 10:55 | Read:246 | Comments:0 | Tags:IT Security and Data Protection Latest Security News Elastic

Scammers Disguise Two Domains as CDN to Cloak Credit Card Skimmer

Scammers disguised two domains as a content delivery network (CDN) in an attempt to quietly target visitors with a credit card skimmer.Malwarebytes noticed something suspicious within the website code of a Parisian boutique store. At first, the script looked like a JQuery library loaded from a third-party CDN. But the actual content of the script included st
Publish At:2020-02-27 09:32 | Read:258 | Comments:0 | Tags:IT Security and Data Protection Latest Security News CDN cre

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud