HackDig : Dig high-quality web security articles for hacker

Microsoft won’t patch the 20-year-old SMBv1 SMBloris flaw disclosed at DEF CON conference

Microsoft has announced that the SMBv1 SMBloris bug described at DEF CON won’t be patched because it could be fixed simply blocking incoming connections. Recently security researchers at RiskSense have identified a 20-year-old Windows SMB vulnerability they called SMBloris (a nod to the Slowloris DoS attack.), they presented their findings at the recen
Publish At:2017-07-31 06:15 | Read:417 | Comments:0 | Tags:Breaking News Hacking DEF CON 25 ETERNALBLUE SMB SMBLoris Wi

DEF CON Talk Will Expose The Latest SMB Vulnerability SMBLoris

Security researchers at RiskSense have identified a 20-year-old Windows SMB vulnerability they are calling SMBloris, a DEF CON Talk Will Expose it. Server Message Block (SMB) has been a foundational piece of Microsoft Windows’ networking all the way back to the LAN Manager days, facilitating “shared access to files, printers and serial ports.R
Publish At:2017-07-28 04:36 | Read:647 | Comments:0 | Tags:Breaking News Hacking def con ETERNALBLUE SMB Windows Vulner

Rapid7 report millions of endpoints exposed via SMB, Telnet Ports

A study conducted by the security firm Rapid7 revealed that millions of devices remain exposed to cyber attacks via  SMB, Telnet, RDP, and other types of improper configurations. Rapid7 published the second report National Exposure Index that provides Internet service providers (ISPs) worldwide information about the global exposure of devices. The researche
Publish At:2017-06-16 09:20 | Read:665 | Comments:0 | Tags:Breaking News Hacking Internet of Things Reports botnet Inte

Don’t Wait for the Next WannaCry — Update Your SMB Protocol Before It’s Too Late

Much has been written about WannaCry, and the security community has learned countless valuable lessons from the unprecedented ransomware attack. One thing that is seldom mentioned, however, is how to protect your infrastructure against future Server Message Block (SMB) exploits. Removing the Insecure SMB Protocol Microsoft has three different versions of
Publish At:2017-06-09 10:30 | Read:806 | Comments:0 | Tags:Network Exploit Infrastructure Protection Microsoft Network

WannaCryptor ‘Afterthoughts’…

WannaCryptor ‘Afterthoughts’… Posted by David Harley on May 17, 2017.…Not that we’re exactly in the post-WannaCryptor era yet. But forgive me if you’ve heard enough of the saga of the ransomware ESET calls Win32/Filecoder.WannaCryptor.D (after just a few days, I
Publish At:2017-06-06 19:55 | Read:354 | Comments:0 | Tags:David Harley kill switch marketing SMB St Helena WannaCry Wa

Not Your Typical Ransomware Infection

An analysis of an infected PC revealed that an attacker used several NSA tools just four days after the Shadow Brokers’ dump then it burned the PC with ransomware when they were done with it. This blog post by Secdo may be related to this one but I can’t be sure. I was asked to assist with an infected PC that had already been turned off. The ra
Publish At:2017-05-26 06:40 | Read:791 | Comments:0 | Tags:Malware nsa ransomware smb

US-CERT is warning about a Windows SMB zero-day flaw

The US-CERT issued a security advisory to warn of a zero-day memory corruption vulnerability in the SMB (Server Message Block) protocol that can be exploited by a remote attacker. The US-CERT is warning of a zero-day memory corruption vulnerability in the SMB (Server Message Block) protocol that can be exploited to cause a denial of service condition or exec
Publish At:2017-02-04 10:50 | Read:1131 | Comments:0 | Tags:Breaking News Hacking SMB Windows zero-Day

Another Door to Windows | Hot Potato exploit

Microsoft Windows versions 7, 8, 10, Server 2008 and Server 2012 vulnerable to Hot Potato exploit which gives total control of PC/laptop to hackers Security researchers from Foxglove Security have discovered that almost all recent versions of Microsoft’s Windows operating system are vulnerable to a privilege escalation exploit. By chaining together a series
Publish At:2016-01-25 03:00 | Read:1062 | Comments:0 | Tags:Cyber Security Cyber Security Research Exploits Security Upd

Study: Only 37% of SMBs Feel Prepared to Combat Cybersecurity Threats

According to a recent survey, only 37% of small to medium-sized businesses (SMBs) feel their organization is well prepared to protect against and remediate cybersecurity threats.The 2015 SMB Threat Report (PDF) by Webroot surveyed 700 IT decision-makers across organizations with less than 1,000 employees in the US, UK and Australia.The report found that abo
Publish At:2015-12-10 17:15 | Read:993 | Comments:0 | Tags:Latest Security News cybersecurity Information Security IT S

Operation Black Atlas Endangers In-Store Card Payments and SMBs Worldwide; Switches between BlackPOS and Other Tools

With the coming holidays also come news of various credit card breaches that endanger the data of many industries and their customers. High-profile breaches, such as that of the Hilton Hotel and other similar establishments, were accomplished using point-of-sale (PoS) malware, leading many to fear digital threats on brick-and-mortar retailers this Thanksgivi
Publish At:2015-12-02 18:15 | Read:979 | Comments:0 | Tags:Botnets Malware healthcare point-of-sale POS SMB

Intego Updates Flextivity, Improves Security and Productivity for SMBs

Intego has updated Flextivity to version 1.5 with improvements to device management and network security for businesses. This update offers several new features, including bulk approval of devices for greater efficiency, and improves application firewall rules for better control over network security.According to the National Small Business Association, 40 p
Publish At:2015-08-13 19:05 | Read:1036 | Comments:0 | Tags:Intego Cloud-Based Security employee monitoring Flextivity F

Weekly Metasploit Wrapup: SMB File Shares

Sharing is CaringOne of the nits we've all had to pick with Metasploit is that when you have a module that involves getting a client to connect to an evil SMB server to fetch a file, the strategy usually used involved generating the file with a module then serving that up on your own Samba or Windows share. This worked, of course, but what a hassle. Who want
Publish At:2015-03-12 17:30 | Read:783 | Comments:0 | Tags:smb 0-day 0day cifs

Yahoo Patches Critical eCommerce, Small Business Vulnerabilities

Yahoo has fixed a handful of vulnerabilities that could have given an attacker free reign over all of its user-run eCommerce websites and caused multiple headaches for small business owners.One bug could have allowed a hacker to change item prices on a whim and given them access to sensitive information provided to web stores powered by Yahoo. A separate bug
Publish At:2015-03-10 16:50 | Read:912 | Comments:0 | Tags:SMB Security Vulnerabilities Bounty programs bug bounties Bu

The Scan: Security Starts at Home

Hey guys! I’m Bradi, this is the Scan. As a parent myself, I know how hard it can be to make sure you kids are being safe online; here are some great ways to stay hip to their jive. Because when it comes to teenagers, asking never works. e-Parenting Made EZ  Despite what they may think, teenagers don’t know everything – especially when it comes to cybersecur
Publish At:2015-02-02 23:15 | Read:1180 | Comments:0 | Tags:SMB computer security cybersafety online safety protecting k

Are Weak Passwords Putting Your Small Business at Risk?

A weak password is like a cheap lock; it’s easy to break, and once the door is open, cyber-criminals can take just about anything. Weak passwords are not just the realm of casual Internet users; they are also an issue that is worryingly common in business, especially in small companies where passwords are regularly shared between colleagues.According to a re
Publish At:2015-01-23 03:10 | Read:1220 | Comments:0 | Tags:Recommended Security & Privacy password security Security Th

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud