HackDig : Dig high-quality web security articles for hacker

Hands-on AWS S3 Bucket Account Takeover

As we have seen in the first part of AWS Penetration Testing Series the Basics of AWS S3 Bucket Penetration Testing in which we explained about what is Amazon S3 bucket and for the different purposes it can be used, in the second part Hands-on AWS S3 Bucket Vulnerabilities we learned about vulnerabilities in AWS S3 Bucket and in this part we will see h
Publish At:2020-04-04 13:55 | Read:75 | Comments:0 | Tags:Cloud Security News SecureLayer7 Services AWS Penetration Te

How to protect hospitals against the ransomware Netwalker

Hospitals are one of the most important critical infrastructures at the best of times, and more so right now, with the global health emergency caused by COVID-19. At this time, it is imperative that hospitals function as well as they possibly can, with no setbacks. However, we must not lose sight of the fact that the entire sector is currently in the midst o
Publish At:2020-04-01 10:45 | Read:163 | Comments:0 | Tags:Business News b2b healthcare sector Ransomware

A cyberattack paralyzes coronavirus testing center

Right now, many countries are in a state of alarm, and people and organizations around the world are coming together to face the current coronavirus COVID-19 pandemic. Companies are also making efforts to streamline the adoption of new methodologies such as telecommuting in order to protect their employees’ health. However, it also also the case that t
Publish At:2020-03-27 11:51 | Read:274 | Comments:0 | Tags:Business News b2b coronavirus cyberattack hospital Virus

Microsoft discovers two new remote code execution vulnerabilities

On March 23, Microsoft announced that it had discovered two critical vulnerabilities in Windows. The announcement was made outside the company’s regular communications schedule, highlighting how critical these vulnerabilities are. These are remote code execution vulnerabilities, and Adobe Type Manager Library. Microsoft says it is aware of a limited nu
Publish At:2020-03-25 08:30 | Read:209 | Comments:0 | Tags:Business News Security b2b Microsoft vulnerability Windows

An APT exploits coronavirus to spread malware

The world is currently living through an exceptional situation due to the current Covid-19 coronavirus pandemic. To try to stop the spread of the virus, a large number of companies all over the world have started a new regime of telework. This circumstance has significantly increased the attack surface, representing a great challenge for companies when it co
Publish At:2020-03-23 13:02 | Read:195 | Comments:0 | Tags:Malware News apt b2b Virus exploit

iPhone users may get 25$ from Apple for slowing down their devices

Back in 2017, Apple admitted that it purposely slowed down some iPhones as their batteries were aging. Dozens of class-action-lawsuits were immediately filed against one of the most profitable publicly-traded companies in the world. Now, more than two years later, Apple has tentatively agreed to a $500 million settlement that would resolve those pending laws
Publish At:2020-03-09 09:44 | Read:327 | Comments:0 | Tags:Mobile News News Apple iPhone

WatchGuard Technologies to Acquire Panda Security

WatchGuard Technologies to Acquire Panda, Extending Simplified Security from Network to Endpoint The combined entity will provide centralized management of advanced threat detection and response functionality fueled by artificial intelligence (AI), behavior profiling techniques, and cutting-edge security event correlation. WatchGuard Technologies, a leading
Publish At:2020-03-09 02:09 | Read:324 | Comments:0 | Tags:News Panda Security acquisition agreement alliance WatchGuar

Penetration Testing as a Service with BugDazz Platform

Penetration Testing as a Service with BugDazz Platform:  SecureLayer7 is providing penetration testing services from the last seven years and delivering the number of pentest projects to our global customer base.  SecureLayer7 is moving away from the traditional way of doing penetration testing and creating a smooth workflow fo
Publish At:2020-03-08 06:14 | Read:338 | Comments:0 | Tags:News Penetration Testing as a Service

IWD 2020 – How To Break Into Cybersecurity

Cybersecurity is one of the most exciting industries to work in – but the current gender balance is far from ideal. Men are still a significant majority (approximately 80%) of the workforce, making security disciplines a less attractive career option for women. So how can we begin to address the imbalance? And how can women break into cybersecurity and
Publish At:2020-03-06 09:39 | Read:299 | Comments:0 | Tags:Mobile Security News iwd

Hands-on AWS S3 Bucket Vulnerabilities

Continuing from our previous blog Basics of AWS S3 Bucket Penetration Testing and once you have configured the AWS CLI setup we will move to exploit the AWS S3 bucket vulnerabilities. AWS S3 Common Vulnerabilities: Unauthenticated Bucket Access: S3 bucket configured to allow anonymous users to list, read or write data to the bucket. Semi-Public Buc
Publish At:2020-03-04 11:10 | Read:283 | Comments:0 | Tags:News AWS Penetration Testing AWS S3 Bucket Vulnerabilities a

Basics of AWS Penetration Testing for S3 Bucket Service

What is Amazon S3? Amazon Simple Storage Service (Amazon S3) is a public cloud service offered by Amazon web services (AWS). Amazon S3 provides object storage through a simple web service interface. It is widely used to store photos, videos, text files, documents, PDF files and to store backups of large amounts of data as well.  What is Ac
Publish At:2020-02-27 10:10 | Read:306 | Comments:0 | Tags:News AWS Penetration Testing aws S3 security

WLAN: Emotet’s new distribution method

These days, Emotet seems to be an ever-present danger for organizational cybersecurity the world over. Just last month, it was discovered trying to make its way into the United Nations, and in 2019, it was a key player in the successive waves of ransomware that hit enterprises and public organizations from the USA to Europe. So prolific was the activity of t
Publish At:2020-02-21 11:50 | Read:333 | Comments:0 | Tags:Business News b2b emotet wi-fi

Cybertheft in Malta: How a bank lost €13 million

The banking sector suffers a great deal at the hands of cybercrime. In July last year, a cybercriminal managed to steal the personal data of some 100 million users of the bank Capital One. In June of the same year, a malicious insider gathered information from Desjardins Group and shared it with with a third party. The breach affected around 2.7 million peop
Publish At:2020-02-19 10:33 | Read:304 | Comments:0 | Tags:Business News b2b banking spear phishing

A BEC scam leads to a healthcare data breach

BEC (Business Email Compromise) scams are an ever present problem in the business world. This scam consists of impersonating someone important within an organization’s structure in order to trick an employee into making a fraudulent bank transfer. According to the Financial Crimes Enforcement Network (FinCEN), these scams generate around $301 million every m
Publish At:2020-02-17 13:04 | Read:419 | Comments:0 | Tags:Business News b2b bec Scam

Our 2019 Contribution

Every year, we raise funds for our chosen charities. Here at BH Consulting we know how important it is to give back, especially at this time of year. Each year, we donate to specific charities as chosen by our team. Each staff member is allowed to nominate a charity of their choice to receive a donation of €500. This year staff at BH Consulting provided char
Publish At:2020-02-12 07:25 | Read:194 | Comments:0 | Tags:News


Share high-quality web security related articles with you:)


Tag Cloud