HackDig : Dig high-quality web security articles

A first look at the builder for LockBit 3.0 Black

A few months after the LockBit gang released version 3.0 of its ransomware, LockBit 3.0 Black, the builder for it has been leaked by what seems to be a disgruntled developer. LockBit has been by far the most widely used ransomware in 2022 and the appearance of the builder could make things worse. It is likely to be popular, so we could see new gangs appear t
Publish At:2022-09-23 22:45 | Read:24710 | Comments:0 | Tags:News Ransomware LockBit builder leaked

Tens of Thousands of People Watched a Fake Apple Event Live

September 23, 2022 8 0 Author: Amanda Johnson Tens of Thousands of People Watched a Fake Apple Event Live On the evening of Septemb
Publish At:2022-09-23 08:34 | Read:36602 | Comments:0 | Tags:Networks Data Internet News Tech

2K games helpdesk abused to spread RedLine malware

On September 20, 2022, the official Twitter account for 2K Support tweeted an important message from the Customer Support team. The tweet said an unauthorized party illegally accessed the credentials of one of the vendors of the helpdesk platform. The attacker then used that access to send out communications that contained a malicious link. The email Th
Publish At:2022-09-22 22:45 | Read:37005 | Comments:0 | Tags:News 2k games redline support

Morgan Stanley's years-long "extensive failure" to protect customer data ends in huge fine

On Tuesday, the Securities and Exchange Commission (SEC) charged financial company Morgan Stanley a $35M fine for "the firm's extensive failures, over five years, to protect the personal identifying information, or PII, of approximately 15 million customers. The company agreed to settle the penalty. As early as 2015, Morgan Stanley wasn't properly
Publish At:2022-09-22 22:45 | Read:33578 | Comments:0 | Tags:News Privacy

Update Firefox and Thunderbird now! Mozilla patches several high risk vulnerabilities

Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. In Firefox 105 a total of seven vulnerabilities were patched, three of which received the security risk rating "high". In Thunderbird three security vulnerabi
Publish At:2022-09-22 22:45 | Read:33702 | Comments:0 | Tags:Exploits and vulnerabilities News CVE-2022-40959 CVE-2022-40

Medtronic's MiniMed 600 series insulin pumps potentially at risk of compromise, says FDA

The US FDA (Food and Drug Administration) has warned users of Medtronic's MiniMed 600 Series Insulin Pump System—specifically, models for MiniMed 630G and MiniMed 670G—that their medical devices have a cybersecurity issue with its communication protocol. If compromised, attackers could gain unauthorized access to the pump system itself, 
Publish At:2022-09-22 22:45 | Read:29653 | Comments:0 | Tags:Exploits and vulnerabilities News

Crypton Privacy Coin Has Been Accepted on 1,800 Online Stores

September 22, 2022 14 0 Author: Amanda Johnson Crypton Privacy Coin Has Been Accepted on 1,800 Online Stores Utopia is a decentrali
Publish At:2022-09-22 08:34 | Read:34362 | Comments:0 | Tags:Utopia news Networks News Tools Utopia News

Tax refund phish logs keystrokes to swipe personal details

There’s been some smart phishing campaigns running over the last few weeks, and this one is particularly sneaky. Bleeping Computer reports that a phishing page is targeting Greek taxpayers with a tax refund scam. The added sting in the tail comes in the form of an embedded keylogger which grabs everything entered onto the page. An untimely tax refund T
Publish At:2022-09-21 22:45 | Read:39218 | Comments:0 | Tags:News tax refund phish phishing scam greece greek javascript

Scammers send fake 'Energy Bills Support Scheme' texts

Watch out for an energy-themed scam being sent out via SMS. The message plays on energy price fears, similar to what we’ve seen previously. Scam alert. I just received this text. Click through and it looks very official. It’s a scam. The £400 energy bill discount is automatic, you don’t need to register or share any details with anyo
Publish At:2022-09-21 22:45 | Read:54506 | Comments:0 | Tags:News scam phish SMS energy fake website £400

Vulnerable children's identities used in tax fraud scheme

The United States Attorney for the Southern District of New York has sentenced Ariel "Melo" Jimenez (38) to 12 years in prison for leading a "tax fraud and identity theft conspiracy" that resulted in the fraudulent claiming of tax credits, earning him millions of dollars. "Ariel Jimenez was the leader of a long-running fraudulent tax business that cheat
Publish At:2022-09-21 22:45 | Read:35943 | Comments:0 | Tags:News Scams

The German Authorities Failed a Massive Rejection of Microsoft

September 19, 2022 43 0 Author: Amanda Johnson The German Authorities Failed a Massive Rejection of Microsoft The German authoritie
Publish At:2022-09-21 00:40 | Read:47443 | Comments:0 | Tags:Networks Internet News Tech

A week in security (September 12 – 18)

Last week on Malwarebytes Labs: The North Face hit by credential stuffing attack Facebook engineers aren't sure where all user data is kept 6 patch management best practices for businesses The MSP playbook on deciphering tech promises and shaping security culture Apple puts the password on life support with passkey BackupBuddy WordPress plugin vulnerable to
Publish At:2022-09-20 22:47 | Read:35351 | Comments:0 | Tags:News North Face Uber Edge MDR MSP Seasaw fuzzing iOS 16 WPGa

Hookup site targeted by typo-squatters

Ethical hacker and security researcher Kody Kinzie shared with BleepingComputer a list of over 50 domains of which many are spelling variations of the brand name Sniffies. Sniffies identifies itself as a “modern, map-based, meetup app for gay, bi, and curious guys.” Kody used an open source tool called DNSTwist to generate a list of lookalike dom
Publish At:2022-09-20 22:47 | Read:30834 | Comments:0 | Tags:News typosquatting sniffies extensions fake av screen locker

Grand Theft Auto 6 suffers grand theft

For games publisher Take-Two Interactive, damage control is in full effect as word spreads of a Grand Theft Auto-centric network compromise. Developer Rockstar Games has suffered a major leak of upcoming game content, specifically unfinished video footage of Grand Theft Auto 6. The first anyone knew of the attack was when the person doing the compromising po
Publish At:2022-09-20 22:47 | Read:28378 | Comments:0 | Tags:News grand theft auto 6 take-two interactive rockstar games

American Airlines suffers data breach after phishing incident

Major airline American Airlines has fallen victim to a data breach after a threat actor got access to the email accounts of several employees via a phishing attack. According to a published notice of a security incident, the data breach was discovered in July 2022. How it happened American Airlines said the successful phishing attack led to the una
Publish At:2022-09-20 22:47 | Read:16845 | Comments:0 | Tags:News American Airlines data breach phishing identity theft


Share high-quality web security related articles with you:)
Tell me why you support me <3

Tag Cloud