HackDig : Dig high-quality web security articles for hackers

Enterprise Threat Visibility Versus Real-World Operational Constraints

The phrase “assume breach” has been transformational to enterprise security investment and defensive strategy for a few years but may now be close to retirement. When the vast majority of information security expenditure was focused on impermeable perimeter defenses and reactive response to evidence-based compromise, it served as a valuable rallying cry
Publish At:2020-09-17 15:43 | Read:162 | Comments:0 | Tags:INDUSTRY INSIGHTS Network Security

Under Attack: How Threat Actors are Exploiting SOCKS Proxies

From the basic building blocks of the internet to cryptocurrency mining on a supercomputer, SOCKS sits at the core of computing. A SOCKS proxy can be used to improve network security in an enterprise, but can also be exploited by cybercriminals for nefarious reasons. Take a look at how SOCKS proxies have been manipulated recently by threat actors. What is
Publish At:2020-09-03 16:34 | Read:200 | Comments:0 | Tags:Advanced Threats Network Security Intelligence & Analytics C

Government Backed 'MDBR' Service Blocks Connections to Malicious Domains

A new Malicious Domain Blocking and Reporting (MDBR) service will help organizations improve security by preventing IT systems from connecting to malicious domains. Launched through a partnership between the U.S. Department of Homeland Security’s Cybersecurity Infrastructure Security Agency (CISA), Center for Internet Security (CIS), and Akamai Technolo
Publish At:2020-09-02 16:04 | Read:159 | Comments:0 | Tags:Network Security NEWS & INDUSTRY Security Infrastructure

Cisco Says Hackers Targeting Zero-Days in Carrier-Grade Routers

Cisco has warned that hackers are targeting not one, but two unpatched vulnerabilities in the DVMRP feature of IOS XR software that runs on many carrier-grade routers. Over the weekend, the company published an advisory to warn of active attacks targeting a security flaw (CVE-2020-3566) in the Distance Vector Multicast Routing Protocol (DVMRP) feature o
Publish At:2020-09-01 16:36 | Read:190 | Comments:0 | Tags:Network Security NEWS & INDUSTRY Vulnerabilities hack

Iranian Hackers Target Critical Vulnerability in F5's BIG-IP

A hacking group believed to be linked to the Iranian government was observed targeting a critical vulnerability that F5 Networks addressed in its BIG-IP application delivery controller (ADC) in early July.Tracked as CVE-2020-5902 and featuring a CVSS score of 10, the vulnerability allows remote attackers to take complete control of a targeted system. F5's BI
Publish At:2020-09-01 13:51 | Read:273 | Comments:0 | Tags:Network Security NEWS & INDUSTRY Vulnerabilities Vulnera

SASE Provider Perimeter 81 Raises $40 Million

Secure Access Service Edge (SASE) and Network-as-a-Service (NaaS) solutions provider Perimeter 81 has closed a $40 million Series B funding round that brings the total raised by the company to $65 million.Founded in 2018 and headquartered in Tel Aviv, Israel, the startup provides a cloud-based Security-as-a-Service (SaaS) solution that aims to secure access
Publish At:2020-08-13 00:19 | Read:191 | Comments:0 | Tags:Network Security NEWS & INDUSTRY Application Security Id

GreyNoise Raises $4.8 Million in Seed Funding to Combat Alert Fatigue

GreyNoise Intelligence, a startup focused on helping security teams reduce alert fatigue, has raised nearly $5 million in seed investment to help the company expand its intelligence service that helps teams “prioritize alerts that matter by quieting ones that don’t.”Using hundreds of nodes around the internet, the company collects, analyzes and labels mass i
Publish At:2020-08-04 18:12 | Read:200 | Comments:0 | Tags:Network Security NEWS & INDUSTRY

Network Design: Firewall, IDS/IPS

IntroductionThere are many different types of devices and mechanisms within the security environment to provide a layered approach of defense. This is so that if an attacker is able to bypass one layer, another layer stands in the way to protect the network. Two of the most popular and significant tools used to secure networks are firewalls and intrusi
Publish At:2020-08-04 15:05 | Read:206 | Comments:0 | Tags:Application Security feature network security

Cisco Patches Serious Vulnerabilities in Data Center Network Manager

Cisco informed customers on Wednesday that it has patched critical and high-severity vulnerabilities in its Data Center Network Manager (DCNM) network management platform.One of the security flaws, CVE-2020-3382, has been classified as critical. It allows a remote, unauthenticated attacker to bypass authentication and perform actions with admin privileges on
Publish At:2020-07-30 14:39 | Read:265 | Comments:0 | Tags:Network Security NEWS & INDUSTRY Vulnerabilities

US, UK Warn of Malware Targeting QNAP NAS Devices

In a joint alert this week, the United States and the United Kingdom warned that a piece of malware has infected over 62,000 QNAP network-attached storage (NAS) devices.Dubbed QSnatch, the malware was first observed last year, and QNAP in November issued a security advisory to alert users of the risks associated with it and to provide recommendations on how
Publish At:2020-07-28 16:19 | Read:233 | Comments:0 | Tags:Network Security NEWS & INDUSTRY Virus & Threats Ris

Quantum Loop: US Unveils Blueprint for 'Virtually Unhackable' Internet

US officials and scientists have begun laying the groundwork for a more secure "virtually unhackable" internet based on quantum computing technology. At a presentation Thursday, Department of Energy (DOE) officials issued a report that lays out a blueprint strategy for the development of a national quantum internet, using laws of quantum mechanics to transm
Publish At:2020-07-24 15:48 | Read:285 | Comments:0 | Tags:Network Security NEWS & INDUSTRY Security Infrastructure

Vulnerability in Cisco Firewalls Exploited Shortly After Disclosure

Cisco this week informed customers that it has patched a high-severity path traversal vulnerability in its firewalls that can be exploited remotely to obtain potentially sensitive files from the targeted system. The first attempts to exploit the flaw were observed shortly after disclosure.The vulnerability, identified as CVE-2020-3452, impacts the web servic
Publish At:2020-07-24 07:00 | Read:388 | Comments:0 | Tags:Network Security NEWS & INDUSTRY Virus & Threats Vul

Critical Vulnerabilities Can Be Exploited to Hack Cisco Small Business Routers

Cisco on Wednesday released security advisories to inform customers of several critical vulnerabilities that can be exploited remotely to hack small business routers and firewalls that are no longer being sold.One of the critical flaws, which is tracked as CVE-2020-3330 and has a CVSS score of 9.8, affects Cisco Small Business RV110W Wireless-N VPN firewalls
Publish At:2020-07-16 10:54 | Read:264 | Comments:0 | Tags:Network Security NEWS & INDUSTRY Vulnerabilities exploit

Focusing on the Fundamentals of Network Security

IBM X-Force has reported a huge increase in COVID-19-related spam. Malicious domains have also rapidly expanded during the first quarter of 2020.  Focus on Security Fundamentals   One of the key fundamental approaches for security is to ensure your security team can identify, investigate and respond to threats. We recommend mining network
Publish At:2020-07-15 12:51 | Read:343 | Comments:0 | Tags:Network App Security Corporate Network Security Network Secu

Cisco Investigating Report of Vulnerability Found in Counterfeit Switches

Cisco has launched an investigation after researchers at F-Secure analyzed two counterfeit Cisco switches that appeared to exploit a previously unknown vulnerability.The fake Cisco Catalyst 2960-X series switches were used by an IT company. F-Secure was called in to conduct an analysis after the counterfeit devices were discovered in the fall of 2019. The sw
Publish At:2020-07-15 11:15 | Read:309 | Comments:0 | Tags:Network Security NEWS & INDUSTRY Risk Management Vulnera


Tag Cloud