HackDig : Dig high-quality web security articles for hacker

Cryptic Rumblings Ahead of First 2020 Patch Tuesday

Sources tell KrebsOnSecurity that Microsoft Corp. is slated to release a software update on Tuesday to fix an extraordinarily serious security vulnerability in a core cryptographic component present in all versions of Windows. Those sources say Microsoft has quietly shipped a patch for the bug to branches of the U.S. military and to other high-value customer
Publish At:2020-01-13 20:35 | Read:194 | Comments:0 | Tags:Time to Patch Anne Neuberger CERT Coordination Center CERT-C

A decade in cybersecurity fails: the top breaches, threats, and ‘whoopsies’ of the 2010s

This post was co-authored by Wendy Zamora and Chris Boyd. All opinions expressed belong to your mom. Back in the days before climate change stretched frigid winter months directly into the insta-sweat of summer, there was a saying about March: in like a lamb, out like a lion. The same might be said about the last decade in cybersecurity fails. What kic
Publish At:2019-12-19 16:50 | Read:236 | Comments:0 | Tags:Awareness ashley madison ashley madison hack BadRabbit cambr

Kaspersky: Hackers used backdoored MS Office key-gen to steal NSA exploits

According to Kaspersky, the PC was hacked after the NSA employee installed a backdoored key generator for a pirated copy of Microsoft Office. More details emerge from the story of the hack of the Kaspersky antivirus that allowed Russian intelligence to stole secret exploits from the personal PC of the NSA staffer. The PC was hacked after the NSA employee ins
Publish At:2017-10-26 20:40 | Read:3949 | Comments:0 | Tags:Breaking News Cyber warfare Hacking Intelligence Malware Equ

A leaked document raises a doubt about NSA knew the #Krack attack since 2010

An NSA leaked document about the BADDECISION hacking tool raises the doubt about National Security Agency knew the Krack attack since 2010. Security experts are questioning the NSA about the recently disclosed Krack attack the allows an attacker to decrypt information included in protected WPA2 traffic. Security experts believe that the National Security Age
Publish At:2017-10-22 06:05 | Read:2748 | Comments:0 | Tags:Breaking News Hacking Intelligence BADDECISION cyber espiona

Russian spies pilfered data from NSA Contractor’s home PC running a Kaspersky AV

Russian hackers allegedly exploited Kaspersky AV to hack into NSA contractor and steal the NSA exploit code. It complicates Kaspersky’s position. Anonymous sources have claimed Russian intelligence extracted NSA exploits from a US government contractor’s home PC using Kaspersky Lab software. Sources told the Wall Street Journal that a malicious c
Publish At:2017-10-06 11:30 | Read:2910 | Comments:0 | Tags:Breaking News Hacking Intelligence Malware antivirus cyber e

Retefe banking Trojan leverages EternalBlue exploit to infect Swiss users

Cyber criminals behind the Retefe banking Trojan have improved it by adding a new component that uses the NSA exploit EternalBlue. ETERNALBLUE is the alleged NSA exploit that made the headlines with DOUBLEPULSAR in the WannaCry attack and NotPetya massive attacks. ETERNALBLUE targets the SMBv1 protocol and it has become widely adopted in the community of mal
Publish At:2017-09-24 03:40 | Read:4011 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware banking trojan Ete

ShadowBrokers are back demanding nearly $4m and offering 2 dumps per month

The dreaded hacking group ShadowBrokers posted a new message, promising to deliver two data dumps a month as part its monthly dumps. The notorious group ShadowBrokers is back with announcing new interesting changes to their Dump Service. The hackers published a new message on the Steemit platform announcing new changed to their service. “Missing theshadowbro
Publish At:2017-09-06 21:45 | Read:3360 | Comments:773 | Tags:APT Breaking News Hacking Cybercrime Equation group malware

Experts found an undocumented Kill Switch in Intel Management Engine

Security researchers at Positive Technologies have discovered an undocumented configuration setting that disables the Intel Management Engine. Security researchers at Positive Technologies have discovered an undocumented configuration setting that disables the CPU control mechanism Intel Management Engine 11. The Intel Management Engine consists of a microco
Publish At:2017-08-29 11:20 | Read:2915 | Comments:0 | Tags:Breaking News Hacking CVE-2017-5689 Intel Intel Management E

Fileless cryptocurrency miner CoinMiner uses NSA EternalBlue exploit to spread

A new fileless miner dubbed CoinMiner appeared in the wild, it uses NSA EternalBlue exploit and WMI tool to spread. A new strain of Cryptocurrency Miner dubbed CoinMiner appeared in the wild and according to the experts it is hard to detect and infects Windows PCs via EternalBlue NSA exploit. CoinMiner is a fileless malware that leverages the WMI (Windows Ma
Publish At:2017-08-22 13:35 | Read:3329 | Comments:0 | Tags:Breaking News Cyber Crime Malware CoinMiner Cybercrime ETERN

The Godfathers of Virtualization Returning to VMWorld

Ian Pratt and Simon Crosby sold XenSource to Citrix in 2007. After working at Citrix, they decided to once again spin off and focus on cybersecurity. They are available to meet during VMWorld if you’d like to talk virtualization and security. We think of them as The Godfathers of Virtualization. They work they did with XenSource lead to what is today’s clo
Publish At:2017-08-15 17:35 | Read:4786 | Comments:0 | Tags:Company News application isolation browsing click cybersecur

Rapid7 warns of Remote Desktop Protocol (RDP) exposure for millions of endpoints

According to a new research conducted by experts at Rapid7, there are 4.1 million Windows endpoints exposed online via Remote Desktop Protocol (RDP). The researchers discovered that there are 11 million open 3389/TCP endpoints, and that 4.1 million of them are RDP. “We analyzed the responses, tallying any that appeared to be from RDP speaking endpoints
Publish At:2017-08-14 18:00 | Read:3587 | Comments:0 | Tags:Breaking News Hacking Reports Security EsteemAudit Intellige

APT28 hackers are leveraging NSA Hacking tool to spy on Hotels guests

According to FireEye, the notorious Russia-linked APT28 group is behind an ongoing campaign targeting hotels in several European countries. According to FireEye, the notorious Russia-linked APT28 group (Pawn Storm, Fancy Bear, Sofacy, Sednit and Strontium) is behind an ongoing campaign targeting hotels in several European countries. The researchers observed
Publish At:2017-08-11 16:10 | Read:3338 | Comments:0 | Tags:APT Breaking News APT28 Cyberespionage Darkhotel ETERNALBLUE

When All Else Fails in Cybersecurity, Application Isolation Does Not

We hear about cybersecurity fails all the time. We’re happy to tell you it doesn’t have to be that way. Application isolation and containment based on virtualization is delivering results. The NSA has called out this strategy as the way forward for stopping advanced threats. To many technology folks, Application Isolation may be a new term when
Publish At:2017-07-26 12:05 | Read:3818 | Comments:0 | Tags:Threats application isolation control demo government Isolat

Shadow Brokers sent out first round of exploits and threaten to dox former NSA hacker

Shadow Brokers has sent out the first round of exploits to the subscribers of its service, the hackers also threaten to dox former NSA hacker. In May the notorious Shadow Brokers group announced the launch of a monthly subscription model for its data dumps, 0-Day Exploit Subscriptions goes for $21,000 per month. The group claimed to have exploit codes for al
Publish At:2017-06-29 10:25 | Read:3449 | Comments:0 | Tags:APT Hacking Intelligence Cybercrime Equation group malware M

National Security Agency opens the NSA Github Account that already lists 32 Projects

It is official, the National Security Agency (NSA) has presented its GitHub page that includes 32 projects as part of the NSA Technology Transfer Program. The National Security Agency has opened its GitHub account and presented an official GitHub page. The US intelligence agency employees numerous excellent experts that in the past demonstrated extraordinar
Publish At:2017-06-21 18:15 | Read:2487 | Comments:0 | Tags:Breaking News Intelligence NSA NSA Github Account


Share high-quality web security related articles with you:)


Tag Cloud