HackDig : Dig high-quality web security articles for hackers

FTC receives almost 2 million robocall complaints in nine months

Image: Eric KrullThe Federal Trade Commission (FTC) received almost 2 million complaints from Americans regarding illegal robocalls during the first nine months of 2020.These stats are included in the U.S. Department of Justice Telephone Robocall Abuse Criminal Enforcement and Deterrence Act 2020 Report to Congress."Illegal robocalls remain a significant con
Publish At:2020-10-27 21:06 | Read:97 | Comments:0 | Tags:Security

Cybersecurity Strategy: Building Trust on Shifting Sands

This is the first in a blog series about building and maintaining brand trust.  Transforming the enterprise for digital business requires a change in technology, process and culture. Along with this comes necessary changes on a cybersecurity strategy. Like walking on shifting sands, keeping cybersecurity strategy top of mind while going through major b
Publish At:2020-10-27 20:34 | Read:64 | Comments:0 | Tags:Application Security Cloud Security Risk Management Security

Mac users unable to print after Apple revoked HP certificate

Apple macOS X users with HP printers are left unable to print from their computers after Apple revoked a certificate that signed HP's print drivers.The result was print drivers being mistaken on macOS X for malware, and user complaints springing up over the weekend.Print drivers mistook for malwareAs observed by BleepingComputer, when printing a documen
Publish At:2020-10-27 17:12 | Read:89 | Comments:0 | Tags:Security Apple

Schools Admit Security Gaps

Schools have admitted to creating gaps in their security by rapidly transitioning to remote education in an attempt to slow the spread of COVID-19.The admission was announced today by cybersecurity company Netwrix, as one of several additional findings from its "2020 Cyber Threats Report" that examined how the coronavirus pandemic an
Publish At:2020-10-27 14:31 | Read:80 | Comments:0 | Tags: security

FBI: Hackers stole government source code via SonarQube instances

The Federal Bureau of Investigation (FBI) issued a flash alert warning of hackers stealing data from U.S. government agencies and enterprise organizations via internet-exposed and insecure SonarQube instances.SonarQube is an open-source platform for automated code quality auditing and static analysis to discover bugs and security vulnerabilities in projects
Publish At:2020-10-27 13:18 | Read:72 | Comments:0 | Tags:Security FBI hack

Steelcase furniture giant hit by Ryuk ransomware attack

Office furniture giant Steelcase has suffered a ransomware attack that forced them to shut down their network to contain the attack's spread.Steelcase is the largest office furniture manufacturer globally, with 13,000 employees and $3.7 billion in 2020.Steelcase suffers a Ryuk ransomware attackIn an 8-K form filed with the Securities and Exchange Commission
Publish At:2020-10-27 13:18 | Read:40 | Comments:0 | Tags:Security ransomware

SOC 2 compliance for containers and Kubernetes security

This article contains useful tips to implement SOC 2 compliance for containers and Kubernetes. The Service Organization Controls (SOC) reports are the primary way that service organizations provide evidence of how effective their controls are for finance (SOC 1) or securing customer data (SOC 2, SOC 3). These reports are issued by the American Institu
Publish At:2020-10-27 12:18 | Read:95 | Comments:0 | Tags:Falco Kubernetes Sysdig Secure compliance falco Image scanni

Swedish Authorities, Banks Hit by Security Data Leak: Report

Details of bank vault floor plans, alarm systems and the security arrangements for Swedish authorities have been leaked online after a security company was hacked, local media reported Tuesday.A total of 19 gigabytes of information and around 38,000 files were stolen from security group Gunnebo by one or more hackers in August, according to newspaper Dagens
Publish At:2020-10-27 11:40 | Read:92 | Comments:0 | Tags:NEWS & INDUSTRY Cybercrime security data leak

Amazon Discloses Security Incident Involving Customers’ Email Addresses

Amazon informed some of its customers about a security incident that involved the unauthorized disclosure of their email addresses.News of the security incident emerged over the weekend of October 23 when multiple users took to Twitter to voice their confusion over an email they had received from Amazon.In an email notification obtained by Bleeping Computer,
Publish At:2020-10-27 08:43 | Read:40 | Comments:0 | Tags:IT Security and Data Protection Latest Security News Amazon

Finnish psychotherapy clinic discloses data breach, victims extorted

A large psychotherapy clinic in Finland is under heavy stress after a threat actor asked a ransom for a client database with confidential information stolen in a data breach that likely happened almost two years ago.Thousands of patient records may be at risk as the private clinic is a nationwide practice with more than a dozen branches and other instit
Publish At:2020-10-27 05:30 | Read:135 | Comments:0 | Tags:Security

Amazon sacks insiders over data leak, alerts customers

Amazon has recently terminated employees responsible for leaking customer data, including their email addresses, to an unaffiliated third-party in violation of company policies.The company has sent out an email announcement to affected customers following the incident.Affected Amazon customers confusedOver the weekend, reports emerged on Twitter of
Publish At:2020-10-27 05:30 | Read:100 | Comments:0 | Tags:Security Legal data leak

Over 100 irrigation systems left exposed online without protection

Researchers found more than 100 smart irrigation systems running ICC PRO that were left exposed online without a password last month. Security experts from the Israeli security firm Security Joes discovered more than 100 irrigation systems running ICC PRO that were left exposed online without protection. ICC PRO is a top-shelf smart irrigation s
Publish At:2020-10-27 05:11 | Read:67 | Comments:0 | Tags:Hacking Internet of Things Security ICC PRO information secu

Link Previews in Chat Apps Pose Privacy, Security Issues: Researchers

An analysis of the manner in which popular chat applications handle link previews has revealed several privacy and security issues, including some that still need addressing, security researchers warn.Link previews provide users with information on what a link received in chat would lead them to, regardless of whether it is a file or a web page.However, link
Publish At:2020-10-27 01:15 | Read:146 | Comments:0 | Tags:Mobile Security NEWS & INDUSTRY Privacy Vulnerabilities

Google employees personal info exposed in law firm data breach

Immigration law firm Fragomen, Del Rey, Bernsen & Loewy, LLP has disclosed a data breach that exposed current and former Google employees' personal information.Fragomen is one of the USA's largest law firms covering immigration law, with over 582 attorneys in 47 locations worldwide.Data breach exposes US employment formsIn a "Notice of Data Breach" sent
Publish At:2020-10-26 21:42 | Read:99 | Comments:0 | Tags:Security Google

Microsoft upgrades password spray attack detection capabilities

Microsoft has improved password spray detection in Azure Active Directory (Azure AD) by doubling the number of compromised accounts it detects using a new machine learning (ML) system."This new machine learning detection yields a 100 percent increase in recall, meaning it detects twice the number of compromised accounts of the previous algorithm," said
Publish At:2020-10-26 17:48 | Read:118 | Comments:0 | Tags:Security Microsoft

Tools

Tag Cloud