HackDig : Dig high-quality web security articles for hacker

Visa Alert and Update on the Oracle Breach

Credit card industry giant Visa on Friday issued a security alert warning companies using point-of-sale devices made by Oracle‘s MICROS retail unit to double-check the machines for malicious software or unusual network activity, and to change passwords on the devices. Visa also published a list of Internet addresses that may have been involved in the O
Publish At:2016-08-13 21:00 | Read:4687 | Comments:0 | Tags:A Little Sunshine Latest Warnings The Coming Storm alex hold

Road Warriors: Beware of ‘Video Jacking’

A little-known feature of many modern smartphones is their ability to duplicate video on the device’s screen so that it also shows up on a much larger display — like a TV. However, new research shows that this feature may quietly expose users to a simple and cheap new form of digital eavesdropping. Dubbed “video jacking” by its master
Publish At:2016-08-11 14:10 | Read:4358 | Comments:0 | Tags:A Little Sunshine Latest Warnings The Coming Storm Android B

Social Security Administration Now Requires Two-Factor Authentication

The U.S. Social Security Administration announced last week that it will now require a cell phone number from all Americans who wish to manage their retirement benefits at ssa.gov. Unfortunately, the new security measure does little to prevent identity thieves from fraudulently creating online accounts to siphon benefits from Americans who haven’t yet
Publish At:2016-08-01 16:15 | Read:4346 | Comments:0 | Tags:A Little Sunshine Latest Warnings The Coming Storm my Social

Citing Attack, GoToMyPC Resets All Passwords

GoToMyPC, a service that helps people access and control their computers remotely over the Internet, is forcing all users to change their passwords, citing a spike in attacks that target people who re-use passwords across multiple sites. Owned by Santa Clara, Calif. based networking giant Citrix, GoToMyPC is a popular software-as-a-service product that lets
Publish At:2016-06-20 18:45 | Read:4582 | Comments:0 | Tags:Data Breaches Latest Warnings Citrix GoToMyPC John Bennett

Got $90,000? A Windows 0-Day Could Be Yours

How much would a cybercriminal, nation state or organized crime group pay for blueprints on how to exploit a serious, currently undocumented, unpatched vulnerability in all versions of Microsoft Windows? That price probably depends on the power of the exploit and what the market will bear at the time, but here’s a look at one convincing recent exploit
Publish At:2016-06-16 05:15 | Read:4745 | Comments:0 | Tags:A Little Sunshine Latest Warnings Ne'er-Do-Well News The Com

Dental Assn Mails Malware to Members

The American Dental Association (ADA) says it may have inadvertently mailed malware-laced USB thumb drives to thousands of dental offices nationwide. The problem first came to light in a post on the DSL Reports Security Forum. DSLR member “Mike” from Pittsburgh got curious about the integrity of a USB drive that the ADA mailed to members to share
Publish At:2016-04-28 12:20 | Read:3093 | Comments:0 | Tags:A Little Sunshine Latest Warnings ADA malware American Denta

FBI: $2.3 Billion Lost to CEO Email Scams

The U.S. Federal Bureau of Investigation (FBI) this week warned about a “dramatic” increase in so-called “CEO fraud,” e-mail scams in which the attacker spoofs a message from the boss and tricks someone at the organization into wiring funds to the fraudsters. The FBI estimates these scams have cost organizations more than $2.3 billion
Publish At:2016-04-18 15:05 | Read:3005 | Comments:0 | Tags:A Little Sunshine Latest Warnings The Coming Storm ceo fraud

Adobe Patches Flash Player Zero-Day Threat

Adobe Systems this week rushed out an emergency patch to plug a security hole in its widely-installed Flash Player software, warning that the vulnerability is already being exploited in active attacks. Adobe said a “critical” bug exists in all versions of Flash including Flash versions 21.0.0.197 and lower (older) across a broad range of systems,
Publish At:2016-04-18 15:05 | Read:2641 | Comments:0 | Tags:Latest Warnings Time to Patch cve-2016-1019 Flash Player zer

New Threat Can Auto-Brick Apple Devices

If you use an Apple iPhone, iPad or other iDevice, now would be an excellent time to ensure that the machine is running the latest version of Apple’s mobile operating system — version 9.3.1. Failing to do so could expose your devices to automated threats capable of rendering them unresponsive and perhaps forever useless. Zach Straley demonstratin
Publish At:2016-04-18 15:05 | Read:4311 | Comments:0 | Tags:A Little Sunshine Latest Warnings The Coming Storm Time to P

US-CERT to Windows Users: Dump Apple Quicktime

Microsoft Windows users who still have Apple Quicktime installed should ditch the program now that Apple has stopped shipping security updates for it, warns the Department of Homeland Security‘s U.S. Computer Emergency Readiness Team (US-CERT). The advice came just as researchers are reporting two new critical security holes in Quicktime that likely wo
Publish At:2016-04-18 15:05 | Read:3124 | Comments:0 | Tags:Latest Warnings Other Time to Patch Apple Quicktime Christop

From Stolen Wallet to ID Theft, Wrongful Arrest

It’s remarkable how quickly a stolen purse or wallet can morph into full-blown identity theft, and possibly even result in the victim’s wrongful arrest. All of the above was visited recently on a fellow infosec professional whose admitted lapse in physical security led to a mistaken early morning arrest in front of his kids. The guy police say st
Publish At:2016-03-17 08:25 | Read:4252 | Comments:0 | Tags:A Little Sunshine Latest Warnings Curity Equifax Experian In

Phishers Spoof CEO, Request W2 Forms

With tax filing season in the United States well underway, scammers who specialize in tax refund fraud have a new trick up their sleeves: Spoofing emails from a target organization’s CEO, asking human resources and accounting departments for employee W-2 information. Stu Sjouwerman, chief executive at security awareness training company KnowBe4, told K
Publish At:2016-03-11 07:20 | Read:2802 | Comments:0 | Tags:Latest Warnings Tax Refund Fraud The Coming Storm KnowBe4 St

Breached Credit Union Comes Out of its Shell

Notifying people and companies about data breaches often can be a frustrating and thankless job. Despite my best efforts, sometimes a breach victim I’m alerting will come away convinced that I am not an investigative journalist but instead a scammer. This happened most recently this week, when I told a California credit union that its online banking si
Publish At:2016-03-11 07:20 | Read:3182 | Comments:0 | Tags:A Little Sunshine Data Breaches Latest Warnings The Coming S

Seagate Phish Exposes All Employee W-2’s

Email scam artists last week tricked an employee at data storage giant Seagate Technology into giving away W-2 tax documents on all current and past employees, KrebsOnSecurity has learned. W-2 forms contain employee Social Security numbers, salaries and other personal data, and are highly prized by thieves involved in filing phony tax refund requests with th
Publish At:2016-03-11 07:20 | Read:3415 | Comments:0 | Tags:Latest Warnings Tax Refund Fraud The Coming Storm Eric DeRit

Security Bug in Dell PCs Shipped Since 8/15

All new Dell laptops and desktops shipped since August 2015 contain a serious security vulnerability that exposes users to online eavesdropping and malware attacks. Dell says it is prepping a fix for the issue, but experts say the threat may ultimately need to be stomped out by the major Web browser makers. At issue is a root certificate installed on newer D
Publish At:2015-12-02 02:10 | Read:3030 | Comments:0 | Tags:A Little Sunshine Latest Warnings Security Tools Ars Technic

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud