HackDig : Dig high-quality web security articles for hackers

Lock and Code S1Ep18: Finding consumer value in Cybersecurity Awareness Month with Jamie Court

This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the Internet. In addition, we talk to Jamie Court, president of the non-profit advocacy group Consumer Watchdog, about the consumer value in Cybersecurity Awareness Month. Launched initially as a joint effort between government and industry, this once
Publish At:2020-10-26 12:05 | Read:283 | Comments:0 | Tags:Podcast brute force attacks consumer cybersecurity consumer

NSA details top 25 flaws exploited by China-linked hackers

The US National Security Agency (NSA) has shared the list of top 25 vulnerabilities exploited by Chinese state-sponsored hacking groups in attacks in the wild. The US National Security Agency (NSA) has published a report that includes details of the top 25 vulnerabilities that are currently being exploited by China-linked APT groups in attacks in the wild
Publish At:2020-10-20 17:11 | Read:242 | Comments:0 | Tags:APT Breaking News Hacking hacking news information security

Drovorub “Taking systems to the wood chipper” – What you need to know

On August 15th the NSA and FBI published a joint security alert containing details about a previously undisclosed Russian malware.The agencies say that the Linux strain malware has been developed and deployed in real-world attacks by Russian military hackers. The FBI says, “The Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Servi
Publish At:2020-08-20 08:13 | Read:465 | Comments:0 | Tags:Featured Articles IT Security and Data Protection Drovorub M

NSA releases a guide to reduce location tracking risks

The United States National Security Agency (NSA) is warning of risks posed by location services for staff who work in defence or national security. The United States National Security Agency (NSA) published a new guide to warn of the risks posed by location services for staff who work in defence or national security. The guide, titled “Limiting Locatio
Publish At:2020-08-05 12:15 | Read:652 | Comments:0 | Tags:Breaking News Digital ID Intelligence Security defense Hacki

NSA/CISA joint report warns on attacks on critical industrial systems

NSA is warning of cyber attacks launched by foreign threat actors against organizations in the critical infrastructure sector across the U.S. The U.S. National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) issued an alert warning of cyber attacks targeting critical infrastructure across the U.S. “Over recent mont
Publish At:2020-07-27 15:20 | Read:527 | Comments:0 | Tags:Breaking News Hacking ICS-SCADA CISA critical infrastructure

CISA, NSA Lay Out Recommendations for Protecting OT Assets

The Cybersecurity & Infrastructure Security Agency (CISA) and the National Security Agency (NSA) laid out a series of recommendations for critical infrastructure owners and operators to protect their operational technology (OT) assets.In an alert published on July 23, CISA published an alert in which it recognized malicious actors’ growing willingn
Publish At:2020-07-27 14:29 | Read:631 | Comments:0 | Tags:ICS Security Latest Security News CISA NSA OT

NSA warns Russia-linked APT group is exploiting Exim flaw since 2019

The U.S. NSA warns that Russia-linked APT group known as Sandworm Team have been exploiting a critical flaw in the Exim mail transfer agent (MTA). The U.S. National Security Agency (NSA) is warning that Russia-linked APT group tracked Sandworm Team has been exploiting a critical vulnerability (CVE-2019-10149) in the Exim mail transfer agent (MTA) software
Publish At:2020-05-28 18:26 | Read:674 | Comments:0 | Tags:APT Breaking News Hacking Security CVE-2019-10149 Exim infor

Mass surveillance alone will not save us from coronavirus

As the pattern-shattering truth of our new lives drains heavy—as coronavirus rends routines, raids our wellbeing, and whiplashes us between anxiety and fear—we should not look to mass digital surveillance to bring us back to normal. Already, governments have cast vast digital nets. South Koreans are tracked through GPS location history, credit card trans
Publish At:2020-04-15 18:12 | Read:1755 | Comments:0 | Tags:Opinion Apple Austria bluetooth Bluetooth contact tracing Bl

CIA Hacking unit APT-C-39 hit China since 2008

Chinese security firm Qihoo 360 revealed that the US CIA has hacked Chinese organizations in various sectors for the last 11 years. Chinese security firm Qihoo 360 is accusing that the US Central Intelligence Agency (CIA) of having hacked Chinese organizations for the last 11 years. According to the firm, the US cyber spies are targeting various industry
Publish At:2020-03-04 05:20 | Read:1101 | Comments:0 | Tags:APT Breaking News Hacking Intelligence APT-C-39 China Cybere

NSA Releases Cloud Vulnerability Guidance

The United States’ National Security Agency (NSA) has put together a short guidance document on mitigating vulnerabilities for cloud computing. At only eight pages, it is an accessible primer for cloud security and a great place to start before taking on something like the comprehensive NIST 800-53 security controls.As a guidance document, it doesn’t attempt
Publish At:2020-02-27 01:57 | Read:929 | Comments:0 | Tags:Cloud cloud adoption NSA secure configuration Vulnerability

Cryptic Rumblings Ahead of First 2020 Patch Tuesday

Sources tell KrebsOnSecurity that Microsoft Corp. is slated to release a software update on Tuesday to fix an extraordinarily serious security vulnerability in a core cryptographic component present in all versions of Windows. Those sources say Microsoft has quietly shipped a patch for the bug to branches of the U.S. military and to other high-value customer
Publish At:2020-01-13 20:35 | Read:1095 | Comments:0 | Tags:Time to Patch Anne Neuberger CERT Coordination Center CERT-C

A decade in cybersecurity fails: the top breaches, threats, and ‘whoopsies’ of the 2010s

This post was co-authored by Wendy Zamora and Chris Boyd. All opinions expressed belong to your mom. Back in the days before climate change stretched frigid winter months directly into the insta-sweat of summer, there was a saying about March: in like a lamb, out like a lion. The same might be said about the last decade in cybersecurity fails. What kic
Publish At:2019-12-19 16:50 | Read:1267 | Comments:0 | Tags:Awareness ashley madison ashley madison hack BadRabbit cambr

Kaspersky: Hackers used backdoored MS Office key-gen to steal NSA exploits

According to Kaspersky, the PC was hacked after the NSA employee installed a backdoored key generator for a pirated copy of Microsoft Office. More details emerge from the story of the hack of the Kaspersky antivirus that allowed Russian intelligence to stole secret exploits from the personal PC of the NSA staffer. The PC was hacked after the NSA employee ins
Publish At:2017-10-26 20:40 | Read:4917 | Comments:0 | Tags:Breaking News Cyber warfare Hacking Intelligence Malware Equ

A leaked document raises a doubt about NSA knew the #Krack attack since 2010

An NSA leaked document about the BADDECISION hacking tool raises the doubt about National Security Agency knew the Krack attack since 2010. Security experts are questioning the NSA about the recently disclosed Krack attack the allows an attacker to decrypt information included in protected WPA2 traffic. Security experts believe that the National Security Age
Publish At:2017-10-22 06:05 | Read:3786 | Comments:0 | Tags:Breaking News Hacking Intelligence BADDECISION cyber espiona

Russian spies pilfered data from NSA Contractor’s home PC running a Kaspersky AV

Russian hackers allegedly exploited Kaspersky AV to hack into NSA contractor and steal the NSA exploit code. It complicates Kaspersky’s position. Anonymous sources have claimed Russian intelligence extracted NSA exploits from a US government contractor’s home PC using Kaspersky Lab software. Sources told the Wall Street Journal that a malicious c
Publish At:2017-10-06 11:30 | Read:3966 | Comments:0 | Tags:Breaking News Hacking Intelligence Malware antivirus cyber e