HackDig : Dig high-quality web security articles for hacker

Ransomware wipes evidence, lets suspected drug dealers walk free

byDanny BradburySix alleged drug criminals will go free thanks to a ransomware attack on a small Florida city, it was revealed this month.Stuart is a city in Florida with a population of around 16,500. It suffered an attack involving the Ryuk ransomware in April 2019 that took city servers offline. While reports said that city emergency services, including 9
Publish At:2020-02-28 09:16 | Read:43 | Comments:0 | Tags:Law & order Malware Ransomware Security threats deleted evid

Clearview AI loses entire database of faceprint-buying clients to hackers

byLisa VaasClearview AI, the controversial facial recognition startup that’s gobbled up more than three billion of our photos by scraping social media sites and any other publicly accessible nook and cranny it can find, has lost its entire list of clients to hackers – including details about its many law enforcement clients.In a notification that
Publish At:2020-02-28 09:16 | Read:146 | Comments:0 | Tags:Data loss Law & order Privacy Security threats AI Artificial

US and UK call out Russian hackers for Georgia attacks

byDanny BradburyThe US and UK governments have both accused Russia of launching a cyber attack against the Georgian government last year. The attacks, mounted on 28 October 2019, came from Russia’s notorious GRU military intelligence unit, according to announcements from the US State Department and the UK’s National Cyber Security Centre.This is
Publish At:2020-02-21 10:23 | Read:103 | Comments:0 | Tags:Government security Security threats Georgia GRU nation stat

Ring makes 2FA mandatory to keep hackers out of your doorbell account

byLisa VaasLeery of losing microseconds of your life by using two-factor authentication (2FA) to keep your stuff safe from hackers?Alas for you, but hurray for security. Bit by bit, the Internet of Things (IoT) is getting a wee bit more secure: last week, Google announced that it would soon begin forcing users of its Nest gadgets to use 2FA, and this week, s
Publish At:2020-02-20 07:51 | Read:129 | Comments:0 | Tags:2-factor Authentication Amazon IoT Security threats 2FA cred

Firefox 73.0.1 fixes crashes, blank web pages and DRM niggles

byJohn E DunnFirefox version 73 has only been out for a week but already Mozilla has had to update it to version 73.0.1 to fix a range of browser problems and crashes, including when running on Linux machines.The list of issues is surprisingly long for a point release but, in most cases, the issues only happen in specific contexts. Despite this, some of the
Publish At:2020-02-20 07:51 | Read:165 | Comments:0 | Tags:Firefox Mozilla Security threats Vulnerability Web Browsers

Dell fixes privilege elevation bug in support software

byDanny BradburyUsers of Dell SupportAssist should patch their software immediately to fix a software bug that could lead to arbitrary code execution, the PC vendor said this week.SupportAssist is a Dell software product that comes preinstalled on most of its Windows-based endpoints. It performs diagnostic tasks and streamlines the creation of support ticket
Publish At:2020-02-15 12:44 | Read:218 | Comments:0 | Tags:Security threats Vulnerability arbitrary code execution Bug

Corp.com is up for sale – check your Active Directory settings!

byDanny BradburyAn old domain that has lain dormant for 26 years is going on sale – and the results could be catastrophic for enterprises with poorly configured Active Directory setups.Brian Krebs reports that Mike O’Connor, a domain prospector who registered corp.com in 1994, wants to sell the domain for $1.7 million as he simplifies his estate.
Publish At:2020-02-15 12:43 | Read:245 | Comments:0 | Tags:Microsoft Security threats Active Directory Corp.com DNS dom

Cookie-nabbing app could have served users side helping of XSS

byDanny BradburyA popular GDPR compliance WordPress plugin vendor has patched a flaw that rendered both site visitors and admins vulnerable to cookie-stealing cross-site scripting (XSS) attacks.The GDPR Cookie Consent plugin, created by WebToffee, claims over 700,000 users. The plug-in is a notification app that begs you to accept cookies when you first visi
Publish At:2020-02-15 12:43 | Read:306 | Comments:0 | Tags:Security threats Cookie consent cookies cross-site scripting

Frustrated author cybersquats novelist’s website

byDanny BradburyIf you visit the website of renowned Canadian novelist Patrick deWitt today, you’ll see a surprising message. “THIS IS NOT PATRICK DEWITT”, it says.That’s because the domain has been taken over by a cybersquatter. Not just any cybersquatter, mind – this one has literary ambitions.The unpublished writer apparently
Publish At:2020-02-10 07:57 | Read:172 | Comments:0 | Tags:Privacy Security threats cybersquatting domain lapse domain

Update now – WhatsApp flaw gave attackers access to local files

byJohn E DunnDoes WhatsApp have a lot of vulnerabilities or are there simply a lot of people looking for them?Ask PerimeterX researcher Gal Weizman, who last year set about poking the world’s most popular messaging platform to see whether he could turn up any new weaknesses.Sure enough, this week we learned that he uncovered a clutch of vulnerabilities that
Publish At:2020-02-06 12:35 | Read:239 | Comments:0 | Tags:Google Privacy Security threats Facebook PerimeterX remote c

Intel promises fix after researchers reveal ‘CacheOut’ CPU flaws

byJohn E DunnForget the infamous Meltdown and Spectre chip flaws from 2018, the problem that’s tying down Intel’s patching team these days is a more recent class of side channel vulnerabilities known collectively as ZombieLoad.These relate to a data leakage problem called Microarchitectural Data Sampling (MDS) affecting Intel’s speculative execution technolo
Publish At:2020-01-29 12:35 | Read:198 | Comments:0 | Tags:Security threats BWAIN CacheOut Intel chips meltdown side ch

Critical DoS messaging flaw fixed in December Android update

byJohn E DunnFor anyone lucky enough to get them, Android’s December 2019 updates arrived this week, patching a small list of system and Qualcomm flaws across the operating system’s two patch levels.In Google’s estimation, at the top of the urgent list on the 2019-12-01 patch level (see below for explanation) is CVE-2019-2232, a critical flaw affecting Andro
Publish At:2019-12-05 12:35 | Read:570 | Comments:0 | Tags:Android Google Linux Mobile Operating Systems Security threa

National Veterinary Associates catches dose of ransomware

byDanny BradburyRansomware attacks don’t discriminate. They are just as happy targeting those with four legs as those with two.Anonymous sources told cybersecurity reporter Brian Krebs this week that National Veterinary Associates (NVA) has fallen victim to a ransomware attack that has affected hundreds of hospitals.NVA describes itself as one of the l
Publish At:2019-11-26 12:35 | Read:737 | Comments:0 | Tags:Data loss Malware Ransomware Security threats cyberattack ma

Parents say creep hacked their baby monitor to tell toddler they ‘love’ her

byLisa VaasAnother mouthbreather with nothing better to do than hack a baby monitor and broadcast their “love” for a 3-year-old has apparently struck again.This time, it happened to a family in Seattle.According to local broadcaster King 5, a couple who asked to be identified only as Jo and John said that their daughter, Jaden, was spied on by a stranger who
Publish At:2019-11-26 12:35 | Read:398 | Comments:0 | Tags:IoT Privacy Security threats baby monitor baby monitors FRED

Adobe fixes 46 critical bugs in patchfest

byDanny BradburyAdobe patched a total of 82 vulnerabilities across a range of products on Tuesday, including 46 critical bugs.The lion’s share of the patches, which the company flagged on 11 October, came in a single advisory covering Acrobat and Acrobat Reader on the Windows and macOS platforms, extending back to the Classic 2015 versions.There were
Publish At:2019-10-17 06:05 | Read:524 | Comments:0 | Tags:Adobe Organisations Security threats Acrobat Acrobat Reader

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud