HackDig : Dig high-quality web security articles

Beijing 2022 Winter Olympics app bursting with privacy risks

The official app for Beijing 2022 Winter Olympics, 'My 2022,' was found to be insecure when it comes to protecting the sensitive data of its users. Most importantly, the app's encryption system carries a significant flaw that enables middle-men to access documents, audio, and files in cleartext form. 'My 2022' is also subject to censorship based on a list of k
Publish At:2022-01-18 14:38 | Read:55 | Comments:0 | Tags:Security

New White Rabbit ransomware linked to FIN8 hacking group

A new ransomware family called 'White Rabbit' appeared in the wild recently, and according to recent research findings, could be a side-operation of the FIN8 hacking group. FIN8 is a financially motivated actor who has been spotted targeting financial organizations for several years, primarily by deploying POS malware that can steal credit card details. A simp
Publish At:2022-01-18 14:38 | Read:89 | Comments:0 | Tags:Security ransomware hack

Europol shuts down VPN service used by ransomware groups

Law enforcement authorities from 10 countries took down VPNLab.net, a VPN service provider used by ransomware operators and malware actors. The disruptive joint action was coordinated by Europol and took place on January 17, 2022. It involved simultaneous law enforcement actions in Germany, the Netherlands, Canada, the Czech Republic, France, H
Publish At:2022-01-18 10:42 | Read:83 | Comments:0 | Tags:Security Legal ransomware

3 Cloud Security Trends to Watch in 2022

Many organizations have cloud security on their minds going into 2022. In April 2021, for instance, Gartner predicted that global end-user spending on cloud management and security services would reach $18 million the following year. That’s a growth of 30% over the previous two years. The forecasts discussed above raise an important question. Wh
Publish At:2022-01-18 10:07 | Read:88 | Comments:0 | Tags:Cloud Security Data Protection Incident Response Risk Manage

World Economic Forum Highlights Continued Gap Between Security and Business Leaders

Despite the current ‘buzz’ cliché phrase that ‘security is top of mind’ with business leadership, a new report from the World Economic Forum (WEF) highlights the continuing gap between business and security leaders. The report, WEF’s Global Cybersecurity Outlook 2022, was described to SecurityWeek as “the launch of our flagship report that we are planning to
Publish At:2022-01-18 09:01 | Read:106 | Comments:0 | Tags:NEWS & INDUSTRY Management & Strategy security

How to Attract Hard-to-Find Cybersecurity Talent

It’s tempting to view cybersecurity through the lens that new and better technology will knock down threats and deliver all the protection an organization needs. While the right tools, applications and systems are essential, the problem for most organizations is managing a security framework. Currently, nearly 600,000 cybersecurity positions remain unfi
Publish At:2022-01-18 09:01 | Read:69 | Comments:0 | Tags:INDUSTRY INSIGHTS Training & Certification security cybe

The Supply Chain Needs Better Cybersecurity and Risk Management

The supply chain is under a historic amount of pressure, but the strain on its cybersecurity and risk management may be in even worse condition. As 2021 draws to a close, the global supply chain is in a state comparable to rush-hour traffic in bad weather. Everything seems to be backed up whether due to supply and demand issues, wait times at shipping ports,
Publish At:2022-01-18 02:06 | Read:106 | Comments:0 | Tags:Security Controls cybersecurity Risk Management supply chain

Oracle Critical Patch Update for January 2022 will fix 483 new flaws

The pre-release announcement for Critical Patch Update (CPU) for January 2022 states that Oracle will fix 483 new flaws. This pre-release announcement for Critical Patch Update (CPU) for January 2022 confirms that Oracle security updates will address 483 new security patches. The Critical Patch Update for January will be released on Tuesday, January 18, 2
Publish At:2022-01-17 18:46 | Read:168 | Comments:0 | Tags:Breaking News Security Critical Patch Update Cybersecurity c

Firefox Relay's addition to disposable email blocklist upsets users

The maintainers of a "disposable email service" blocklist have decided to add Firefox Relay to the list, leaving many users of the service upset. Firefox Relay is a privacy-centric email service that enables users to protect their real email addresses and hence limit spam. Firefox Relay to go into disposable email blocklist. Launched in November 2021, Firefox Re
Publish At:2022-01-17 18:34 | Read:209 | Comments:0 | Tags:Security

Microsoft: Edge will mitigate 'unforeseen active' zero day bugs

Microsoft Edge has added a new feature to the Beta channel that will mitigate future in-the-wild exploitation of unknown zero-day vulnerabilities. The new capability is part of a new browsing mode designed to focus on Microsoft Edge's security while navigating the web. "This feature is a huge step forward because it lets us mitigate unforeseen active zero
Publish At:2022-01-17 18:34 | Read:148 | Comments:0 | Tags:Microsoft Security

Zoho fixes a critical vulnerability (CVE-2021-44757) in Desktop Central solutions

Zoho addressed a new critical severity flaw (CVE-2021-44757) that affects its Desktop Central and Desktop Central MSP unified endpoint management (UEM) solutions. Zoho fixed a new critical severity flaw, tracked as CVE-2021-44757, that affects its Desktop Central and Desktop Central MSP unified endpoint management (UEM) solutions. The issue is an authe
Publish At:2022-01-17 18:12 | Read:187 | Comments:0 | Tags:Breaking News Security Cybersecurity cybersecurity news Hack

Cyber espionage campaign targets renewable energy companies

A large-scale cyber-espionage campaign targeting primarily renewable energy and industrial technology organizations has been discovered to be active since at least 2019, targeting over fifteen entities worldwide. The campaign was discovered by security researcher William Thomas, a Curated Intelligence trust group member, who employed OSINT (open-source
Publish At:2022-01-17 14:38 | Read:112 | Comments:0 | Tags:Security cyber

Nintendo warns of spoofed sites pushing fake Switch discounts

Nintendo has warned customers of multiple sites impersonating the Japanese video game company's official website and pretending to sell Nintendo Switch consoles at significant discounts. This rare warning was issued last week via the gaming multinational's corporate site, which also hints at the severity of the issue. "We have confirmed the existence of a fake
Publish At:2022-01-17 14:38 | Read:134 | Comments:0 | Tags:Security

DHL dethrones Microsoft as most imitated brand in phishing attacks

DHL was the most imitated brand in phishing campaigns throughout Q4 2021, pushing Microsoft to second place, and Google to fourth. This isn't surprising considering that the final quarter of every year includes the Black Friday, Cyber Monday, and Christmas shopping season, so phishing lures based on package deliveries naturally increase. DHL is an internationa
Publish At:2022-01-17 14:38 | Read:106 | Comments:0 | Tags:Security

Zoho patches new critical authentication bypass in Desktop Central

Zoho has addressed a new critical severity vulnerability that affects the company's Desktop Central and Desktop Central MSP unified endpoint management (UEM) solutions. ManageEngine Desktop Central is an endpoint management platform that allows admins to deploy patches and software over the network and troubleshoot them remotely. Zoho has fixed the security fla
Publish At:2022-01-17 14:38 | Read:146 | Comments:0 | Tags:Security
