HackDig : Dig high-quality web security articles for hackers

White hat shows how Better Business Bureau’s site leaked personal data

A provocative white hat hacker who has previously disclosed vulnerabilities in both California’s ObamaCare portal and FireEye's core security product has now revealed a serious flaw in the Council of Better Business Bureau’s (CBBB) Web-based complaints application, which is used by nearly a million people annually to file complaints against businesses.The CB
Publish At:2016-06-08 02:35 | Read:4594 | Comments:0 | Tags:Ministry of Innovation Risk Assessment hacking vulnerabiliti

10-year-old gets $10,000 bounty for finding Instagram vulnerability

A 10-year-old schoolboy from Finland has become the youngest recipient of a £7,000 ($10,000) award under Facebook's bug bounty program, after he found a vulnerability that allowed anyone to delete comments on Instagram simply by planting malicious code into the photo-sharing app.Jani—who at the tender age of 10 is considered too young to use Facebook by the
Publish At:2016-05-04 20:25 | Read:3879 | Comments:0 | Tags:Ministry of Innovation Risk Assessment bug bounty Facebook f

Malware and skimmers, explosions and hammers: How attackers go after ATMs

What was the best way to steal cash from an ATM in 2015? Skimming still remains king, but a survey of 87 members of the ATM Industry Association (ATMIA) says that card trapping and transaction reversal fraud are on the rise around the world.In November 2015, ATMIA internally published a survey (PDF) describing the state of ATM hacking in the previous year, f
Publish At:2016-02-26 05:50 | Read:4758 | Comments:0 | Tags:Ministry of Innovation Risk Assessment ATM EMV hack

Tor Project raises over $200,000 in attempt to “diversify” its funding

Further ReadingTwo months after FBI debacle, Tor Project still can’t get an answer from CMUArs Q&A: We sit down with Tor Project's new executive director, Shari Steele.As a result of its recent crowdfunding campaign, the Tor Project announced Thursday that it had raised over $200,000 from more than 5,000 individuals over nearly two months.The organizatio
Publish At:2016-01-22 13:55 | Read:3709 | Comments:0 | Tags:Ministry of Innovation Risk Assessment shari steele tor

Insurer now offering “troll insurance” for victims of online harassment

Chubb, a multinational insurance company, is to offer its clients in the UK the first ever "troll insurance." Chubb personal insurance policy holders will be able to claim up to £50,000 towards expenses that include professional counselling, relocation due to online abuse, or time spent off work.Cyberbullying is defined by the insurer as "three or more acts
Publish At:2015-12-10 15:10 | Read:4780 | Comments:0 | Tags:Law & Disorder Ministry of Innovation Risk Assessment cyberb

Low-cost IMSI catcher for 4G/LTE networks tracks phones’ precise locations

Researchers have devised a low-cost way to discover the precise location of smartphones using the latest LTE standard for mobile networks, a feat that shatters widely held perceptions that the standard is immune to the types of attacks that targeted earlier specifications.The attacks target the LTE specification, which is expected to have a user base of abou
Publish At:2015-10-28 18:25 | Read:5571 | Comments:0 | Tags:Ministry of Innovation Risk Assessment Technology Lab 4G cel

This 11-year-old is selling cryptographically secure passwords for $2 each

Further ReadingDiceware passwords now need six random words to thwart hackersFive isn't enough anymore because password cracking is frighteningly effective.We now live in a world where a New York City sixth grader is making money selling strong passwords. Earlier this month, Mira Modi, 11, began a small business at dicewarepasswords.com, where she generates
Publish At:2015-10-25 18:25 | Read:3508 | Comments:0 | Tags:Ministry of Innovation Risk Assessment diceware julia angwin

Patreon: Some user names, e-mail and mailing addresses stolen

Patreon, the website that allows people to maintain regular donations to a website, an artist, or project, announced late Wednesday that it had sustained a security breach.The site said some registered names, e-mail addresses, and mailing addresses were accessed after someone managed to access a “debug version of our website” that at the time was accessible
Publish At:2015-10-02 05:15 | Read:5015 | Comments:0 | Tags:Ministry of Innovation Risk Assessment hack password patreon

Bitcoin cyberextortionists are blackmailing banks, corporations

A number of large UK corporations and institutions, such as Lloyds Bank and BAE systems, have reported a “marked increase” in Distributed Denial of Service (DDoS) attacks from the Bitcoin extortionist group DD4BC, which has been operational since last year. The increased aggressions appears concurrent with reports from other organisations. A cybersecurit
Publish At:2015-09-10 03:40 | Read:3755 | Comments:0 | Tags:Ministry of Innovation Risk Assessment Technology Lab bitcoi

Extorting money from Ashley Madison customers is actually pretty easy

In the wake of the recent Ashley Madison e-mail dump, some customers have gotten demand e-mails like this one. CloudmarkSo that begs the question: does it work? In the words of Omar Little, "Oh, indeed."Further ReadingAshley Madison hack is not only real, it’s worse than we thoughtIntimate data for more than 30 million accounts, keys to Windows domain pu
Publish At:2015-09-05 18:05 | Read:6343 | Comments:0 | Tags:Ministry of Innovation Risk Assessment Ashley Madison bitcoi

Report claims Kaspersky faked malware to trip up competitors’ products

Two former employees of Kaspersky Lab have accused the malware protection software company of seeding competitors’ products with fake malware signatures intended to make them erroneously label benign files on customers’ computers as malicious. The allegations, made in a report published by Reuters Friday morning, have been strongly denied by a Kaspersky
Publish At:2015-08-14 18:05 | Read:3314 | Comments:0 | Tags:Ministry of Innovation Risk Assessment

Best Buy fails to erase some returned devices before re-selling them

It's never a good idea to return a computer or other gadget to a store without first erasing all your personal data. Stores with good policies and training will generally wipe devices back to factory settings before selling them again, but you never know when one might slip through the cracks.Further ReadingBest Buy’s surprisingly insecure approach
Publish At:2015-08-06 17:15 | Read:5751 | Comments:0 | Tags:Gear & Gadgets Ministry of Innovation Risk Assessment Apple

A public marketplace for hackers—what could possibly go wrong?

Last November, Charles Tendell quietly launched a website called Hacker's List. Its name was literal. In this online marketplace, white-hat security experts could sell their services in bite-size engagements to people with cyber-problems beyond their grasp."Hacker's List is meant to connect consumers who have online issues to hackers or professionals out
Publish At:2015-07-28 05:50 | Read:4787 | Comments:0 | Tags:Features Ministry of Innovation Risk Assessment

Ashley Madison, an online dating website for cheaters, gets hacked

Ashley Madison, an online dating website that specifically targets people looking to have an affair, has been hacked by a group that calls itself Impact Team. A cache of data has been released by the Impact Team, including user profiles, company financial records, and "other proprietary information." The company's CEO, Noel Bilderman, confirmed with Kreb
Publish At:2015-07-20 22:30 | Read:4175 | Comments:0 | Tags:Ministry of Innovation Risk Assessment Ashley Madison breach

Paying $20 to delete your Ashley Madison profile was probably a bad idea

About a year ago, Ars ran this article looking into how Ashley Madison tricks people into thinking they need to pay $20 to have their profile information deleted. This weekend, a hacker group calling themselves Impact Team broke into the site and looked through its databases, finding that users' details aren't actually deleted after the $20 is handed o
Publish At:2015-07-20 22:30 | Read:7510 | Comments:0 | Tags:Law & Disorder Ministry of Innovation Risk Assessment Ashley


Tag Cloud