HackDig : Dig high-quality web security articles for hacker

Zxyel Flaw Powers New Mirai IoT Botnet Strain

In February, hardware maker Zyxel fixed a zero-day vulnerability in its routers and VPN firewall products after KrebsOnSecurity told the company the flaw was being abused by attackers to break into devices. This week, security researchers said they spotted that same vulnerability being exploited by a new variant of Mirai, a malware strain that targets vulner
Publish At:2020-03-20 12:41 | Read:117 | Comments:0 | Tags:Latest Warnings Time to Patch CVE-2020-9054 mirai Mukashi Pa

Coronavirus Widens the Money Mule Pool

With many people being laid off or working from home thanks to the Coronavirus pandemic, cybercrooks are almost certain to have more than their usual share of recruitable “money mules” — people who get roped into money laundering schemes under the pretense of a work-at-home job offer. Here’s the story of one upstart mule factory that
Publish At:2020-03-17 20:05 | Read:172 | Comments:0 | Tags:A Little Sunshine Latest Warnings Web Fraud 2.0 alex holden

Live Coronavirus Map Used to Spread Malware

Cybercriminals constantly latch on to news items that captivate the public’s attention, but usually they do so by sensationalizing the topic or spreading misinformation about it. Recently, however, cybercrooks have started disseminating real-time, accurate information about global infection rates tied to the Coronavirus/COVID-19 pandemic in a bid to in
Publish At:2020-03-12 15:01 | Read:371 | Comments:0 | Tags:Latest Warnings The Coming Storm Azorult Coronavirus malware

Zyxel 0day Affects its Firewall Products, Too

On Monday, networking hardware maker Zyxel released security updates to plug a critical security hole in its network attached storage (NAS) devices that is being actively exploited by crooks who specialize in deploying ransomware. Today, Zyxel acknowledged the same flaw is present in many of its firewall products. This week’s story on the Zyxel patch
Publish At:2020-02-26 12:56 | Read:167 | Comments:0 | Tags:Latest Warnings Time to Patch 0day alex holden zero day ZyXe

Zyxel Fixes 0day in Network Storage Devices

Patch comes amid active exploitation by ransomware gangs Networking hardware vendor Zyxel today released an update to fix a critical flaw in many of its network attached storage (NAS) devices that can be used to remotely commandeer them. The patch comes 12 days after KrebsOnSecurity alerted the company that precise instructions for exploiting the vulnerabili
Publish At:2020-02-24 15:24 | Read:191 | Comments:0 | Tags:Latest Warnings The Coming Storm Time to Patch 0day 500mhz a

Dangerous Domain Corp.com Goes Up for Sale

As an early domain name investor, Mike O’Connor had by 1994 snatched up several choice online destinations, including bar.com, cafes.com, grill.com, place.com, pub.com and television.com. Some he sold over the years, but for the past 26 years O’Connor refused to auction perhaps the most sensitive domain in his stable — corp.com. It is sensi
Publish At:2020-02-08 15:35 | Read:292 | Comments:0 | Tags:Latest Warnings The Coming Storm Active Directory corp.com D

Sprint Exposed Customer Support Site to Web

Fresh on the heels of a disclosure that Microsoft Corp. leaked internal customer support data to the Internet, mobile provider Sprint has addressed a mix-up in which posts to a private customer support community were exposed to the Web. KrebsOnSecurity recently contacted Sprint to let the company know that an internal customer support forum called “Soc
Publish At:2020-01-29 15:35 | Read:382 | Comments:0 | Tags:Data Breaches Latest Warnings Lisa Belot microsoft Sprint vi

Does Your Domain Have a Registry Lock?

If you’re running a business online, few things can be as disruptive or destructive to your brand as someone stealing your company’s domain name and doing whatever they wish with it. Even so, most major Web site owners aren’t taking full advantage of the security tools available to protect their domains from being hijacked. Here’s the
Publish At:2020-01-24 15:35 | Read:725 | Comments:0 | Tags:Latest Warnings The Coming Storm Web Fraud 2.0 Arno Vis CSC

Phishing for Apples, Bobbing for Links

Anyone searching for a primer on how to spot clever phishing links need look no further than those targeting customers of Apple, whose brand by many measures remains among the most-targeted. Past stories here have examined how scammers working with organized gangs try to phish iCloud credentials from Apple customers who have a mobile device that is lost or s
Publish At:2020-01-13 15:35 | Read:264 | Comments:0 | Tags:Latest Warnings Web Fraud 2.0 Apple phishing

Tricky Phish Angles for Persistence, Not Passwords

Late last year saw the re-emergence of a nasty phishing tactic that allows the attacker to gain full access to a user’s data stored in the cloud without actually stealing the account password. The phishing lure starts with a link that leads to the real login page for a cloud email and/or file storage service. Anyone who takes the bait will inadvertentl
Publish At:2020-01-07 20:35 | Read:474 | Comments:0 | Tags:Latest Warnings The Coming Storm Web Fraud 2.0 Jeff Jones lo

Patch Tuesday Lowdown, October 2019 Edition

On Tuesday Microsoft issued software updates to fix almost five dozen security problems in Windows and software designed to run on top of it. By most accounts, it’s a relatively light patch batch this month. Here’s a look at the highlights. Happily, only about 15 percent of the bugs patched this week earned Microsoft’s most dire “crit
Publish At:2019-10-09 04:40 | Read:3613 | Comments:0 | Tags:Latest Warnings Security Tools Time to Patch CVE-2019-1367 I

Phishers are Angling for Your Cloud Providers

Many companies are now outsourcing their marketing efforts to cloud-based Customer Relationship Management (CRM) providers. But when accounts at those CRM providers get hacked or phished, the results can be damaging for both the client’s brand and their customers. Here’s a look at a recent CRM-based phishing campaign that targeted customers of Fo
Publish At:2019-09-19 16:10 | Read:540 | Comments:0 | Tags:Latest Warnings The Coming Storm Web Fraud 2.0 Anti-Phishing

Before He Spammed You, this Sly Prince Stalked Your Mailbox

A reader forwarded what he briefly imagined might be a bold, if potentially costly, innovation on the old Nigerian prince scam that asks for help squirreling away millions in unclaimed fortune: It was sent via the U.S. Postal Service, with a postmarked stamp and everything. In truth these old fashioned “advance fee” or “419” scams pr
Publish At:2019-09-19 16:10 | Read:605 | Comments:0 | Tags:A Little Sunshine Latest Warnings Ne'er-Do-Well News

Visa Alert and Update on the Oracle Breach

Credit card industry giant Visa on Friday issued a security alert warning companies using point-of-sale devices made by Oracle‘s MICROS retail unit to double-check the machines for malicious software or unusual network activity, and to change passwords on the devices. Visa also published a list of Internet addresses that may have been involved in the O
Publish At:2016-08-13 21:00 | Read:5591 | Comments:0 | Tags:A Little Sunshine Latest Warnings The Coming Storm alex hold

Road Warriors: Beware of ‘Video Jacking’

A little-known feature of many modern smartphones is their ability to duplicate video on the device’s screen so that it also shows up on a much larger display — like a TV. However, new research shows that this feature may quietly expose users to a simple and cheap new form of digital eavesdropping. Dubbed “video jacking” by its master
Publish At:2016-08-11 14:10 | Read:5279 | Comments:0 | Tags:A Little Sunshine Latest Warnings The Coming Storm Android B

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud