HackDig : Dig high-quality web security articles

How to train your Ghidra

Getting started with Ghidra For about two decades, being a reverse engineer meant that you had to master the ultimate disassembly tool, IDA Pro. Over the years, many other tools were created to complement or directly replace it, but only a few succeeded. Then came the era of decompilation, adding even more to the cost and raising the barrier to entry into th
Publish At:2022-12-09 11:33 | Read:5833 | Comments:0 | Tags:Software Ghidra Malware Researchers tools Reverse engineerin

Zombinder APK binding service used in multiple malware attacks

Zombinder is a third-party service on darknet used to embed malicious payloads in legitimate Android applications. While investigating a new malware campaign targeting Android and Windows systems, researchers at Threat Fabric discovered a darknet service, dubbed Zombinder, used to embed malicious payloads in legitimate Android apps. The campaign involv
Publish At:2022-12-08 18:30 | Read:42491 | Comments:0 | Tags:Breaking News Cyber Crime Deep Web Hacking Malware Mobile An

Apple Scraps CSAM Detection Tool for iCloud Photos

Apple has scrapped plans to ship a controversial child pornography protection tool for iCloud Photos, a concession to privacy rights advocates who warned it could have been used for government surveillance.Instead, the Cupertino, California device maker said it would expand investments into different tooling and features to warn children if they receive or a
Publish At:2022-12-08 14:29 | Read:30298 | Comments:0 | Tags:Endpoint Security Mobile Security NEWS & INDUSTRY Privac

Iranian Hackers Deliver New 'Fantasy' Wiper to Diamond Industry via Supply Chain Attack

An Iran-linked advanced persistent threat (APT) actor named Agrius is using a new wiper in attacks targeting entities in South Africa, Israel and Hong Kong, cybersecurity firm ESET reports.Mainly focused on victims in Israel and the United Arab Emirates, Agrius is a threat actor active since at least 2020, exploiting known vulnerabilities for initial access.
Publish At:2022-12-08 11:55 | Read:25984 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Virus & Malware

APT37 used Internet Explorer Zero-Day in a recent campaign

Google warns that the North Korea-linked APT37 group is exploiting Internet Explorer zero-day flaw to spread malware. North Korea-linked APT37 group (aka ScarCruft, Reaper, and Group123) actively exploited an Internet Explorer zero-day vulnerability, tracked as CVE-2022-41128, in attacks aimed at South Korean users. Google Threat Analysis Group researc
Publish At:2022-12-08 11:50 | Read:26057 | Comments:0 | Tags:APT Breaking News Hacking Malware APT37 hacking news informa

Apple Adding End-to-End Encryption to iCloud Backup

Apple on Wednesday announced plans to beef up data security protections on its flagship devices with the addition of new encryption tools for iCloud backups and a feature to help users verify identities in the Messages app.The security-themed upgrades, scheduled to ship in 2023, includes a new feature called Advanced Data Protection for iCloud offering end-t
Publish At:2022-12-07 22:24 | Read:39055 | Comments:0 | Tags:Endpoint Security Mobile Security NEWS & INDUSTRY Audits

Google Documents IE Browser Zero-Day Exploited by North Korean Hackers

Google’s Threat Analysis Group (TAG) has shared technical details on an Internet Explorer zero-day vulnerability exploited in attacks by North Korean hacking group APT37.Tracked as CVE-2022-41128 (CVSS score of 8.8), the vulnerability was identified in the browser’s ‘JScript9’ JavaScript engine and can be exploited by remote attackers to execute arbitrary co
Publish At:2022-12-07 18:26 | Read:30976 | Comments:0 | Tags:Cyberwarfare Endpoint Security Network Security NEWS & I

Self-Propagating 'Zerobot' Botnet Targeting Spring4Shell, IoT Vulnerabilities

A newly observed botnet capable of self-replicating and self-propagation is targeting multiple Internet of Things (IoT) vulnerabilities for initial access, cybersecurity solutions provider Fortinet warns.Dubbed Zerobot, the malware is written in the Golang (Go) programming language and has several modules for self-replication, self-propagation, and for condu
Publish At:2022-12-07 14:28 | Read:36014 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Virus & Malware

Investors Pour $200M Into Compliance Automation Startup Drata

High-flying security compliance and automation startup Drata continues to attract major venture capital investor interest, banking $200 million in Series C funding that values the company north of $2 billion.The $200 million cash infusion comes less than two years after the San Diego, Calif-based company emerged from stealth with ambitious plans to design an
Publish At:2022-12-07 14:28 | Read:50387 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Appli

New Go-based botnet Zerobot exploits dozens of flaws

Researchers discovered a new Go-based botnet called Zerobot that exploits two dozen security vulnerabilities IoT devices. Fortinet FortiGuard Labs researchers have discovered a new Go-based botnet called Zerobot that spreads by exploiting two dozen security vulnerabilities in the internet of things (IoT) devices and other applications. “This botn
Publish At:2022-12-07 11:49 | Read:44556 | Comments:0 | Tags:Breaking News Cyber Crime Internet of Things Malware botnet

DEV-0139 launches targeted attacks against the cryptocurrency industry

Over the past several years, the cryptocurrency market has considerably expanded, gaining the interest of investors and threat actors. Cryptocurrency itself has been used by cybercriminals for their operations, notably for ransom payment in ransomware attacks, but we have also observed threat actors directly targeting organizations within the cryptocurrency
Publish At:2022-12-06 13:39 | Read:60818 | Comments:0 | Tags:Cybersecurity malware Microsoft Microsoft security intellige

Ransomware Toolkit Cryptonite turning into an accidental wiper

Researchers spotted a version of the open-source ransomware toolkit Cryptonite that doesn’t support decryption capabilities. Fortinet researchers discovered a sample of malware generated with the publicly available open-source ransomware toolkit Cryptonite that never offers the decryption window, turning it as a wiper. The experts also reported an
Publish At:2022-12-06 07:51 | Read:54915 | Comments:0 | Tags:Breaking News Cyber Crime Malware cryptonite ransomware tool

Redigo: New Backdoor Targeting Redis Servers

Researchers at cloud security company Aqua Security are raising alarm on a newly identified backdoor targeting Redis servers.Dubbed Redigo, the malware is written in Go and was seen being deployed in an attack that exploited a known Redis vulnerability (CVE-2022-0543, CVSS score of 10) for initial access.Leading to remote code execution (RCE), the bug made h
Publish At:2022-12-05 14:28 | Read:68780 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Virus & Malware

Balance Theory Scores Seed Funding for Secure Workspace Collaboration

Balance Theory, a seed-stage startup working on technology to help security teams collaborate and manage data flows securely, has closed a $3 million funding round.The Columbia, Maryland-based Balance Theory said the early-stage investment was led by DataTribe with participation from TEDCO.Balance Theory, the brainchild of former Decision Lab founders Greg B
Publish At:2022-12-05 14:28 | Read:42982 | Comments:0 | Tags:Cyberwarfare Endpoint Security Network Security NEWS & I

French hospital cancels operations after a ransomware attack

A French hospital near Paris canceled operations and transfer some patients due to a cyber attack suffered over the weekend. France’s health ministry announced that the Hospital Centre of Versailles was hit by a cyber attack over the weekend. Hospital Centre of Versailles, which includes Andre-Mignot Hospital, Richaud Hospital and the Despagne Re
Publish At:2022-12-05 11:49 | Read:40768 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware Security Cybercrim

Announce

Share high-quality web security related articles with you:)
Tell me why you support me <3

Tag Cloud

Keywords