HackDig : Dig high-quality web security articles

PrestaShop Confirms Zero Day Attacks Hitting eCommerce Servers

The team behind the open source PrestaShop ecommerce platform has issued a public advisory to warn of zero day SQL injection attacks hitting merchant servers and planting code capable of stealing customer payment information.An urgent advisory from PrestaShop warned that hackers are exploiting a "combination of known and unknown security vulnerabilities" to
Publish At:2022-07-25 20:11 | Read:287 | Comments:0 | Tags:Cyberwarfare Disaster Recovery Endpoint Security Network Sec

SonicWall Warns of Critical GMS SQL Injection Vulnerability

Network security appliance vendor SonicWall late Thursday shipped urgent patches for a critical flaw in its Global Management System (GMS) software, warning that the issue exposes businesses to remote hacker attacks.The vulnerability, which carries a critical-severity rating of CVSS 9.4, provides a pathway for a remote attacker to execute arbitrary SQL queri
Publish At:2022-07-22 20:11 | Read:438 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Appli

Intezer Documents Powerful 'Lightning Framework' Linux Malware

Security researchers at Intezer are documenting the discovery of a powerful piece of Linux malware that can stay undetected and has the ability to install rootkits.Dubbed Lightning Framework, the threat is described as a Swiss Army Knife-like piece of malware that has a modular design and a plethora of capabilities rarely seen in malware targeting Linux syst
Publish At:2022-07-22 16:13 | Read:399 | Comments:0 | Tags:Cyberwarfare Endpoint Security NEWS & INDUSTRY Applicati

Anvilogic Scores $25 Million Series B to Tackle SOC Modernization

Anvilogic, a Silicon Valley startup working on technology to modernize the Security Operations Center (SOC), has deposited $25 million in a new investment round led by Outpost Ventures.The Palo Alto, Calif. Anvilogic said the $25 million Series B investment also included participation from Xerox Ventures, G Squared, Foundation Capital, Point72 Ventures and C
Publish At:2022-07-21 16:13 | Read:225 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Appli

Romanian Operator of Bulletproof Hosting Service Extradited to the US

A Romanian national accused of operating a bulletproof hosting service used by the Gozi banking trojan was extradited from Colombia and has made an appearance in court in the United States.The man, Mihai Ionut Paunescu, 37, a dual Romanian and Latvian national, was arrested in Colombia last year. Previously, he was arrested in Romania in 2012, but was releas
Publish At:2022-07-21 16:13 | Read:225 | Comments:0 | Tags:Cyberwarfare Endpoint Security NEWS & INDUSTRY Fraud &am

Understanding the Evolution of Cybercrime to Predict its Future

An analysis of the evolution of cybercrime from its beginnings in the 1990s to its billion-dollar presence today has one overriding theme: the development of cybercrime as a business closely mimics the evolution of legitimate business, and will continue to evolve to improve its own ROI.In the early days, hacking was more about personal prestige and kudos tha
Publish At:2022-07-21 16:13 | Read:180 | Comments:0 | Tags:Disaster Recovery Endpoint Security Mobile Security NEWS &am

Apple Ships Urgent Security Patches for macOS, iOS

It's a very busy Patch Wednesday for computer users running Apple’s flagship macOS and iOS devices.Apple's security response team has pushed out software fixes for at least 39 software vulnerabilities haunting the macOS Catalina, iOS and iPadOS platforms.The patches provide cover for numerous gaping memory safety flaws, some serious enough to expose users to
Publish At:2022-07-20 20:11 | Read:333 | Comments:0 | Tags:Disaster Recovery Endpoint Security Network Security NEWS &a

Huntress Acquires Security Awareness Training Startup Curricula for $22M

Managed detection and response (MDR) platform provider Huntress has shelled out $22 million to acquire Curricula, a startup in the growing security awareness business.Huntress, based in Ellicott City, Maryland, said the deal adds a fun, story-based security awareness training platform to its stable of cybersecurity offerings.The company, which was widely cre
Publish At:2022-07-19 16:13 | Read:340 | Comments:0 | Tags:Cyberwarfare Endpoint Security Network Security NEWS & I

Push Security Banks $4 Million Seed Funding

Push Security, a British startup building technology to help defenders manage cloud software sprawl and shadow IT, has banked $4 million in early-stage venture capital funding.The London-based firm said the $4 million seed round was led by Decibel, a Silicon Valley VC firm betting on cybersecurity and open source startups. Several prominent security executiv
Publish At:2022-07-19 16:13 | Read:239 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Appli

PayPal phishing campaign goes after more than just your login credentials

A new phishing campaign targeting PayPal users aims to get extensive data from potential victims. The data it’s after includes government documents like passport, as well as selfie photos. In a nutshell, it’s an extensive form of information theft, the likes of which could result in someone’s identity being fully stolen and their financial
Publish At:2022-07-19 11:52 | Read:273 | Comments:0 | Tags:Social engineering akamai Akamai Security Research PayPal pa

Moussouris: U.S. Should Resist Urge to Match China Vuln Reporting Mandate

A prominent cybersecurity executive is calling on the U.S. government to resist the urge to match China's reported mandates around early vulnerability disclosure, warning that such a move would "meaningfully and dramatically increase the risk" of zero-day flaws landing in the wrong hands.The caution, from Luta Security chief executive Katie Moussouris, follo
Publish At:2022-07-18 20:11 | Read:307 | Comments:0 | Tags:Cyberwarfare Disaster Recovery Endpoint Security Network Sec

New PayPal Phishing Kit Hijacks WordPress Sites

Researchers have uncovered a new phishing kit that, under the guise of security controls, injects malware into legitimate WordPress sites and uses a fake PayPal-branded social engineering scam to trick targets into handing over their most sensitive data. This data includes government documents, photos, and even financial information.Researchers from Akamai s
Publish At:2022-07-15 09:43 | Read:374 | Comments:0 | Tags:Cybersecurity News phishing wordpress

6 Ways SASE Helps Protect Your Data

You start to log in to work from the home office you’ve occupied for the last two years only to sit and wait patiently as your virtual private network (VPN) dials up. After a few minutes, it validates your credentials. You have access to log in and you peruse your emails over coffee.   One email stands out because it looks related to a purchase y
Publish At:2022-07-14 13:09 | Read:463 | Comments:0 | Tags:Data Protection Risk Management sase Internet of Things (IoT

Microsoft: 10,000 Organizations Targeted in Large-Scale Phishing Campaign

Microsoft has warned users about a large-scale phishing campaign that has been targeting over 10,000 organizations to perform follow-on business email compromise (BEC).As part of the campaign, the attackers have been using adversary-in-the-middle (AiTM) phishing sites to steal credentials, and have been hijacking sign-in sessions to bypass authentication eve
Publish At:2022-07-14 12:03 | Read:297 | Comments:0 | Tags:NEWS & INDUSTRY Fraud & Identity Theft Phishing Cybe

DLL Hijacking Flaw Fixed in Microsoft Azure Site Recovery

Microsoft's massive Patch Tuesday rollout this month included fixes for multiple high-severity vulnerabilities impacting the Azure Site Recovery service.Azure Site Recovery represents a suite of tools for ensuring business continuity during outages, such as site recovery – which ensures that both applications and workloads continue to operate on a secondary
Publish At:2022-07-13 16:13 | Read:376 | Comments:0 | Tags:Cyberwarfare Endpoint Security NEWS & INDUSTRY Privacy A

Announce

Share high-quality web security related articles with you:)
Tell me why you support me <3

Tag Cloud