HackDig : Dig high-quality web security articles for hacker

‘Petya’ Ransomware Outbreak Goes Global

A new strain of ransomware dubbed “Petya” is worming its way around the world with alarming speed. The malware is spreading using a vulnerability in Microsoft Windows that the software giant patched in March 2017 — the same bug that was exploited by the recent and prolific WannaCry ransomware strain. The ransom note that gets displayed on s
Publish At:2017-06-28 06:00 | Read:483 | Comments:0 | Tags:Other Bitcoin DLA Piper Eternal Blue Group-IB ICSI ISACA Leg

Petya Weren’t Expecting This: Ransomware Takes Systems Hostage Across the Globe

Early on Tuesday, June 27, reports began to circulate that organizations in the Ukraine and elsewhere in Europe were suffering ransomware attacks. It quickly became clear that this Petya attack could equal or surpass the May WannaCry attack. WannaCry’s spread was so successful because it was powered by a flaw in Windows, and although Microsoft had rele
Publish At:2017-06-27 20:30 | Read:275 | Comments:0 | Tags:Malware Advanced Threats IBM Security IBM X-Force Exchange I

The Hidden Privacy Issues With Windows 10: The Injection of Ads and How to Improve Your Online Privacy

Microsoft’s Windows 10 is rapidly replacing older operating systems in both personal and professional environments. As with any OS, however, there are several key things you need to know upfront. The addition of unique advertising IDs that inject Microsoft ads into your browser, recommended express privacy settings and cloud syncing of personal inform
Publish At:2017-05-14 01:10 | Read:460 | Comments:0 | Tags:Endpoint Identity & Access advertising opt-out page cortana

Lesson Learned From Stuxnet

Security researchers discovered Stuxnet in 2010, and it has since become one of the most well-known malware campaigns in history. The cybercriminals behind the attack developed the infamous worm to damage programmable logic controllers (PLCs) and supervisory control and data acquisition (SCADA) systems using four zero-day vulnerabilities in Microsoft Windows
Publish At:2017-03-10 12:10 | Read:769 | Comments:0 | Tags:Energy and Utility Infrastructure Protection Energy Industry

New(ish) Mirai Spreader Poses New Risks

A cross-platform win32-based Mirai spreader and botnet is in the wild and previously discussed publicly. However, there is much information confused together, as if an entirely new IoT bot is spreading to and from Windows devices. This is not the case. Instead, an accurate assessment is that a previously active Windows botnet is spreading a Mirai bot variant
Publish At:2017-02-21 07:15 | Read:2082 | Comments:0 | Tags:Blog Research Botnets Internet of Things Microsoft Windows M

New Critical Fixes for Flash, MS Windows

Both Adobe and Microsoft on Tuesday issued patches to plug critical security holes in their products. Adobe’s Flash Player patch addresses 17 security flaws, including one “zero-day” bug that is already actively being exploited by attackers. Microsoft’s bundle of updates tackles at least 42 security weaknesses in Windows and associate
Publish At:2016-12-14 22:40 | Read:955 | Comments:0 | Tags:Other adobe flash player Microsoft Windows Recorded Future S

Malicious code and the Windows integrity mechanism

Introduction Ask any expert who analyzes malicious code for Windows which system privileges malware works with and wants to acquire and, without a second thought, they’ll tell you: “Administrator rights”. Are there any studies to back this up? Unfortunately, I was unable to find any coherent analysis on the subject; however, it is never too
Publish At:2016-11-28 09:20 | Read:1286 | Comments:0 | Tags:Blog Software Malware Technologies Microsoft Windows Securit

20-year-old Windows bug lets printers install malware—patch now

For more than two decades, Microsoft Windows has provided the means for clever attackers to surreptitiously install malware of their choice on computers that connect to booby-trapped printers, or other devices masquerading as printers, on a local area network. Microsoft finally addressed the bug on Tuesday during its monthly patch cycle.The vulnerability res
Publish At:2016-07-14 15:25 | Read:1450 | Comments:0 | Tags:Risk Assessment Technology Lab exploits Microsoft Windows pa

Privacy and Windows 10: What’s in Your Settings?

Unless you’ve been totally unplugged for the past month, you are aware that Microsoft has rolled out the long-awaited Windows 10 operating system (OS). Users of the Windows 7 and 8 OSs were offered free upgrades, which they received via their update feature within their current OS. Accompanying the update and installation of Windows 10 was a new and co
Publish At:2015-08-24 09:55 | Read:1513 | Comments:0 | Tags:Software & App Vulnerabilities Microsoft Microsoft Windows P

Why Windows 10 Will Start Up Business Again

It’s been 20 years since we moved from folders to the Start button to start up our workday. One generation later Windows 10 needs to answer not only if it is the best choice for business, but also the blurred lines work tech has taken with the whole world gone mobile. I remember spending four hours in college desperately hoping my IBM 486 processor and
Publish At:2015-08-07 13:30 | Read:1331 | Comments:0 | Tags:Mobile Security Microsoft Microsoft Windows Windows Windows

MemGC: Use-After-Free Exploit Mitigation in Edge and IE on Windows 10

In my upcoming Black Hat USA talk on the attack surface and exploit mitigations in EdgeHTML (Microsoft Edge’s new rendering engine), one of the topics that I’ll discuss is Memory GC (MemGC), a new and improved use-after-free (UAF) exploit mitigation introduced by Microsoft in Edge and IE on Windows 10. About MemGC MemGC was first introduced in Ed
Publish At:2015-08-03 22:20 | Read:899 | Comments:0 | Tags:Application Security IBM X-Force Software & App Vulnerabilit

Microsoft Security Updates June 2015

Microsoft releases eight security bulletins today, updating a set of forty five software vulnerabilities. This month’s updates touch a smaller set of Microsoft software, but two of the Bulletins address kernel-level vulnerabilities and require a restart. Some are being exploited as a part of serious targeted attack activity: Windows Kernel, w
Publish At:2015-06-10 06:05 | Read:865 | Comments:0 | Tags:Blog Software Microsoft Internet Explorer Microsoft Windows

MS Update 3033929 Causing Reboot Loop

One of the operating system updates Microsoft released on Tuesday of this week — KB3033929 — is causing a reboot loop for a fair number of Windows 7 users, according to postings on multiple help forums. The update in question does not appear to address a pressing security vulnerability, so users who have not  yet installed it should probably dela
Publish At:2015-03-12 23:30 | Read:1353 | Comments:0 | Tags:Latest Warnings Other The Coming Storm Code 80004005 KB30339

Microsoft: All Windows versions Vulnerable to FREAK Vulnerability

Recently discovered FREAK vulnerability that apparently went undetected for more than a decade is reportedly affecting all supported versions of Microsoft Windows, making the flaw more creepy than what we thought.FREAK vulnerability is a disastrous SSL/TLS flaw disclosed Monday that allows an attacker to force SSL clients, including OpenSSL, to downgr
Publish At:2015-03-06 17:50 | Read:1558 | Comments:0 | Tags:cryptography encryption Freak Attack Freak SSL Vulnerability

Reasons why 2015 will be year for Linux on the desktop

Quick, what’s the first thing you think about when you hear the term “Linux”? If your answer is among the lines of “old-fashion complicated-to-use operating system that’s anything but user-friendly”, you’re clearly thinking of what Linux used to be, and not about what Linux is today. You see, Linux has come a long way since the old-days, when you needed to b
Publish At:2015-03-01 23:05 | Read:2011 | Comments:0 | Tags:Articoli Opinion desktop floss interface linux Microsoft Win

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud