HackDig : Dig high-quality web security articles for hackers

NAT Slipstreaming 2.0 Exposes Devices on Internal Networks to Remote Attacks

A newly devised variant of the NAT Slipstreaming attack can be leveraged to compromise any device on the local network, according to researchers at enterprise IoT security firm Armis.Detailed in late October 2020, the NAT Slipstreaming attack relies on tricking the victim into accessing a specially crafted website and exploits the browser on the device, alon
Publish At:2021-01-26 11:41 | Read:93 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Vulne

Google Warning: North Korean Gov Hackers Targeting Security Researchers

Google late Monday raised the alarm about a “government-backed entity based in North Korea” targeting -- and hacking into -- computer systems belonging to security researchers.Google’s Threat Analysis Group (TAG), a team that monitors global APT activity, said the ongoing campaign is aimed at security researchers working on vulnerability research and develop
Publish At:2021-01-25 23:59 | Read:119 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Appli

Microsoft Edge Adds Password Generator, Drops Support for Flash, FTP

Microsoft has shipped the stable version of the Microsoft Edge 88 browser, featuring a brand new Password Generator and the ability to alert on compromised credentials.   The browser refresh also drops support for the FTP protocol and for the Adobe Flash plugin.With Microsoft Edge 88.0.705.50 now rolling out, users get a built-in strong password ge
Publish At:2021-01-22 14:05 | Read:114 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Appli

Thousands of Unprotected RDP Servers Can Be Abused for DDoS Attacks

Cybercriminals have been abusing unprotected servers running Microsoft’s Remote Desktop Protocol (RDP) service to launch distributed denial-of-service (DDoS) attacks, application and network performance management company NETSCOUT warned this week.The Windows RDP service is designed to allow users to remotely connect to servers and other devices, often for p
Publish At:2021-01-22 10:11 | Read:143 | Comments:0 | Tags:Network Security NEWS & INDUSTRY Virus & Threats Ide

Multi-Cloud Network Security Provider Valtix Raises $12.5 Million

Multi-cloud network security platform provider Valtix on Thursday announced that it raised $12.5 million in strategic funding.Founded in 2018 and launched in 2019 with $14 million in funding, the Santa Clara, California-based company provides enterprise customers with a cloud-native network security service that can help protect both applications and service
Publish At:2021-01-21 14:41 | Read:175 | Comments:0 | Tags:Network Security NEWS & INDUSTRY Cloud Security Manageme

Cisco Patches Critical Vulnerabilities in SD-WAN, DNA Center, SSMS Products

Cisco this week released patches to address a significant number of vulnerabilities across its product portfolio, including several critical flaws in SD-WAN products, DNA Center, and Smart Software Manager Satellite (SSMS).Several command injection bugs addressed in SD-WAN products could allow an attacker to perform actions as root on the affected devices, t
Publish At:2021-01-21 10:47 | Read:127 | Comments:0 | Tags:Network Security NEWS & INDUSTRY Vulnerabilities

Snort 3 Becomes Generally Available

Snort 3 was officially released on Tuesday and users have been advised to switch to Snort 3 from any previous version of the popular intrusion prevention and intrusion detection system (IPS/IDS).Snort is an open source tool developed by Cisco that provides real-time traffic analysis and packet logging capabilities. It has been downloaded millions of times an
Publish At:2021-01-20 15:17 | Read:147 | Comments:0 | Tags:Network Security NEWS & INDUSTRY

DNSpooq Flaws Expose Millions of Devices to DNS Cache Poisoning, Other Attacks

Researchers at Israel-based boutique cybersecurity consultancy JSOF this week disclosed the details of seven potentially serious DNS-related vulnerabilities that could expose millions of devices to various types of attacks.The vulnerabilities, collectively tracked as DNSpooq, impact Dnsmasq, a widely used piece of open source software designed to provide DNS
Publish At:2021-01-20 08:45 | Read:143 | Comments:0 | Tags:Network Security NEWS & INDUSTRY SCADA / ICS Risk Manage

Swimlane Raises $40 Million to Expand SOAR Business

Swimlane, a provider of security orchestration, automation and response (SOAR) solutions, announced today that it has raised $40 million in growth funding.Denver, Colorado-based Swimlane is a player in the hot market of security orchestration, automation and response (SOAR) solutions, and helps security operations teams struggling with alert fatigue and staf
Publish At:2021-01-19 11:59 | Read:119 | Comments:0 | Tags:Network Security NEWS & INDUSTRY Security Infrastructure

Expired Domain Allowed Researcher to Hijack Country's TLD

A researcher claimed last week that he managed to take control of the country code top-level domain (ccTLD) for the Democratic Republic of Congo after an important domain name was left to expire.Before the holidays, Fredrik Almroth, founder and researcher at web security company Detectify, decided to analyze the name server (NS) records used by all TLDs. The
Publish At:2021-01-18 16:29 | Read:158 | Comments:0 | Tags:Network Security NEWS & INDUSTRY Identity & Access V

Data Security Startup Qohash Raises $6 Million

Canadian data security startup Qohash this week announced it raised CAD 8 million (approximately USD $6.3 million) in Series A funding. The financing was led by FINTOP Capital.Founded in 2018, the Quebec-based company provides customers with solutions focused on data discovery and classification, helping enterprises monitor data across their environments. Fu
Publish At:2021-01-15 18:17 | Read:147 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Appli

Misconfigurations: A Hidden but Preventable Threat to Cloud Data

Working in the cloud has many advantages. But to handle your information safely, you should know how to defend against the common problem of misconfigurations leaving cloud data open to thieves.  What are the Benefits of Cloud Computing? Many groups are expanding their use of the cloud. In November 2019, Gartner announced its prediction that the worldw
Publish At:2021-01-15 15:29 | Read:212 | Comments:0 | Tags:Cloud Security Network Cloud Network Security

Over 70 Vulnerabilities Will Remain Unpatched in EOL Cisco Routers

Cisco this week announced that it does not plan on addressing tens of vulnerabilities affecting some of its small business routers.A total of 68 high-severity flaws were identified in Cisco’s Small Business RV110W, RV130, RV130W, and RV215W routers, but the company says patches won’t be released, because these devices have reached end-of-life (EOL). The last
Publish At:2021-01-14 11:05 | Read:178 | Comments:0 | Tags:Network Security NEWS & INDUSTRY Vulnerabilities

Microsoft Defender for Endpoint on Linux Goes Live

Microsoft on Monday announced that Microsoft Defender for Endpoint on Linux now provides endpoint detection and response (EDR) capabilities to all users.Initially available on Windows only, Microsoft Defender for Endpoint has received support for all major platforms, and is now available on macOS, Linux, Android, and iOS, the Redmond, Wash. software maker an
Publish At:2021-01-12 16:11 | Read:179 | Comments:0 | Tags:Endpoint Security Mobile Security Network Security NEWS &

Microsoft Patch Tuesday: 83 Vulnerabilities, 10 Critical, 1 Actively Exploited

Microsoft on Tuesday released the first batch of security patches for 2021 with fixes for 83 documented security vulnerabilities, including a "critical" bug in the Defender security product that's being actively exploited.Security experts are urging security response personnel to pay special attention to CVE-2021-1647, which describes a remote code execution
Publish At:2021-01-12 16:11 | Read:187 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Virus

Tools

Tag Cloud