HackDig : Dig high-quality web security articles for hackers

Ransomware gang taunts IObit with repeated forum hacks

A ransomware gang continues to taunt Windows software developer IObit by hacking its forums to display a ransom demand.On January 16th, the IObit forums were hacked as part of an attack to distribute the DeroHE ransomware. During this attack, the threat actors emailed all of the IObit forum users with a free software promotion linking to a ransomware in
Publish At:2021-01-25 13:55 | Read:51 | Comments:0 | Tags:Security ransomware hack

Australian securities regulator discloses security breach

Image: Pat WhelenThe Australian Securities and Investments Commission (ASIC) has revealed that one of its servers has been accessed by an unknown threat actor following a security breach.ASIC is an independent Australian government commission tasked with the regulation of insurance, securities, and financial services, as well with consumer protection as Aust
Publish At:2021-01-25 13:55 | Read:97 | Comments:0 | Tags:Security security

2020's COVID Accelerated Digitalization Demands Stronger Cybersecurity in 2021

As critical infrastructure faces increasing and sophisticated attacks, these trends will enable the energy sector to shore up its cybersecurity defenses.From shifts in geopolitics, the energy transition, and climate change to upending the status quo in global health, financial markets, and private sector business models, 2020 will be remembered as a year of
Publish At:2021-01-25 12:14 | Read:100 | Comments:0 | Tags: security cyber cybersecurity

A week in security (January 18 – January 24)

Last week on Malwarebytes Labs, we looked at changes to WhatsApp’s privacy policy, we provided information about Malwarebytes being targeted by the same threat actor that was implicated in the SolarWinds breach, we told the story of ZeroLogon, looked at the pros and cons of Zoom watermarking, studied the vulnerabilities in dnsmasq called DNSpooq, asked if Ti
Publish At:2021-01-25 12:06 | Read:115 | Comments:0 | Tags:A week in security Malwarebytes news bec Brave chrome Cisco

Why do people still fall for online scams?

Most of us have grown up with computers being an everyday part of life. At work or at home computers and smart devices play an important role in daily life. And most of us have learned to use them quite safely – although regular readers of the Panda Security blog will probably be even better informed. Yet despite an increase in general IT knowledge, pe
Publish At:2021-01-25 11:52 | Read:107 | Comments:0 | Tags:Mobile News Security cybersecurity scams

Need of Cybersecurity as viewed by the Educational Boards of India

India desperately needs more cyber-heroes to defend its web-fronts(and backs)! As one of the major economies of the world, India has and sincerely contributed to the large scale digitalization and virtualization of its economic, financial, governance as well as administrative systems. On its way to emerge as one of the software product-making powers, India
Publish At:2021-01-25 10:55 | Read:116 | Comments:0 | Tags:News Cybersecurity Awareness cybersecurity in india need of

NIST Cybersecurity Framework – The Key to Critical Infrastructure Cyber Resiliency

In the digital age, organizations and the missions and business processes they support rely on information technology and information systems to achieve their mission and business objectives. Not only is technology used to efficiently enable businesses to carry out operational activities, but it is also the backbone for the United States’ critical infr
Publish At:2021-01-25 01:32 | Read:116 | Comments:0 | Tags:ICS Security Critical Infrastructure cyber resilience framew

Another ransomware now uses DDoS attacks to force victims to pay

Another ransomware gang is now using DDoS attacks to force a victim to contact them and negotiate a ransom.In October 2020, we reported that ransomware gangs were beginning to utilize DDoS attacks against a victims' network or web site as an extra tool to force them to pay a ransom. At the time, the two operations using this new tactic were SunCrypt and Ragn
Publish At:2021-01-24 14:31 | Read:93 | Comments:0 | Tags:Security DDOS ransomware

Data breach at Buyucoin crypto exchange leaks user info, trades

A threat actor has leaked the stolen database for Indian cryptocurrency exchange Buyucoin on a hacking forum for free.Over the weekend, a threat actor known as ShinyHunters posted the link to an archive that contains the alleged database dumps for the Buyucoin cryptocurrency exchange.Pixlr database leaked for freeShinyHunters is a threat actor
Publish At:2021-01-24 14:31 | Read:85 | Comments:0 | Tags:Security

Security Affairs newsletter Round 298

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Critical flaws in Orbit Fox WordPress plugin allows site takeoverEMA said that hackers manipulated stolen documents before leaking themSecurity Affairs newsletter Round 297500K+ records of C-level people
Publish At:2021-01-24 10:18 | Read:71 | Comments:0 | Tags:Breaking News Hacking hacking news information security news

Russian government warns of US retaliatory cyberattacks

The Russian government has issued a security warning to organizations in Russia about possible retaliatory cyberattacks by the USA for the SolarWinds breach.Last month, the SolarWinds network management company disclosed that they suffered a sophisticated cyberattack that led to a supply chain attack affecting 18,000 customers.The US governmen
Publish At:2021-01-23 15:07 | Read:143 | Comments:0 | Tags:Security cyber

SonicWall firewall maker hacked using zero-day in its VPN device

Security hardware manufacturer SonicWall has issued an urgent security notice about threat actors exploiting a zero-day vulnerability in their VPN products to perform attacks on their internal systems.SonicWall is a well-known manufacturer of hardware firewall devices, VPN gateways, and network security solutions whose products are commonly used in SMB/SME a
Publish At:2021-01-23 15:07 | Read:74 | Comments:0 | Tags:Security hack

Security firm SonicWall was victim of a coordinated attack

The Hacker News reported in exclusive that the security firm SonicWall was hacked as a result of a coordinated attack on its internal systems. TheHackerNews revealed in an exclusive that the security provider SonicWall was hacked on Friday. The company was targeted with a coordinated attack on its internal systems, threat actors exploited zero-day vuln
Publish At:2021-01-23 07:00 | Read:125 | Comments:0 | Tags:Breaking News Hacking hacking news information security news

The Week in Ransomware - January 22nd 2021 - Calm before the storm

Ransomware news is slow this week, with mostly small ransomware variants being released and a small number of attacks reported.This week's biggest news is threat actors hacking the IObit forums to host malware for an IObit phishing scam that infected numerous people with the DeroHE ransomware.This week's other interesting news is a new threat actor
Publish At:2021-01-22 23:31 | Read:127 | Comments:0 | Tags:Security ransomware

SAP SolMan exploit released for max severity pre-auth flaw

Fully-functional exploit code is now publicly available for a maximum severity pre-auth vulnerability impacting default configurations of an SAP Solution Manager (SolMan) component.SAP SolMan is an application lifecycle manager deployed in almost all SAP environments and designed to help unify the management of all SAP and non-SAP systems within a single int
Publish At:2021-01-22 19:37 | Read:87 | Comments:0 | Tags:Security exploit


Tag Cloud