HackDig : Dig high-quality web security articles for hackers

Pablo Escobar’s brother sues Apple for $2.6b over FaceTime flaw

byLisa VaasRoberto Escobar’s company has reportedly filed a $2.6 billion lawsuit against Apple for purportedly having lame-o security – security so bad, his address purportedly got leaked through FaceTime and has led to subsequent assassination attempts.According to TNW and TMZ, former accountant and co-founder of the Medellín drug cartel Roberto
Publish At:2020-05-28 15:14 | Read:142 | Comments:0 | Tags:Apple Law & order Privacy Security threats Uncategorized eav

Woman stalked by sandwich server via her COVID-19 contact tracing info

byLisa VaasMayo? Mustard? Creep who takes your sandwich order plus the personal details you handed over for contact tracing?That’s not what I ordered, said a woman in Auckland, New Zealand, whose trip to a Subway fast-food shop led to a restaurant worker reaching out to pester her on Facebook, Instagram, Messenger and via text.As the local news outlet
Publish At:2020-05-18 12:28 | Read:166 | Comments:0 | Tags:Data loss Privacy Security threats breach contact tracing co

Top 10 most exploited vulnerabilities list released by FBI, DHS CISA

byLisa VaasWhen work-from-home became a sudden, urgent need in March, many organizations slapped together cloud-collaboration services such as Microsoft Office 365 for their newly locked-down staff.Unfortunately and understandably, pressure was high. People were scrambling. Thus did a number of those services get put together with a wing, a prayer, and misco
Publish At:2020-05-18 12:27 | Read:158 | Comments:0 | Tags:Malware Security threats Vulnerability .net Adobe Flash Apac

US offers up to $5m reward for information on North Korean hackers

byLisa VaasKnow anything about North Korean hackers and their activities in cyberspace, past or ongoing?The US on Wednesday said that it’s got up to $5 million in Rewards for Justice money if you cough up useful details, which you can do here.The FBI and the Departments of State, Treasury, and Homeland Security (DHS) put out an advisory about the persi
Publish At:2020-04-17 07:07 | Read:304 | Comments:0 | Tags:Cryptocurrency Government security Law & order Security thre

49 malicious Chrome extensions caught pickpocketing crypto wallets

byLisa VaasGoogle has kicked 49 malicious Chrome browser extensions out of its Web Store that were posing as cryptocurrency wallets in order to drain the contents of bona fide wallets. The extensions were discovered by researchers from MyCrypto – an open-source interface for the blockchain that helps store, send and receive cryptocurrency – and
Publish At:2020-04-16 07:57 | Read:425 | Comments:0 | Tags:Cryptocurrency Data loss Google Google Chrome Malvertising M

Microsoft project proposed to aid Linux IoT code integrity

byJohn E DunnImagine a computer user from 2010 dreaming of a world in which Microsoft is not only an enthusiastic proponent of open source software but actively contributes to it with its own ideas.It would have sounded fanciful and yet a decade on and this is exactly the world a growing number of Microsoft’s in-house developers find themselves working towar
Publish At:2020-04-08 08:21 | Read:560 | Comments:0 | Tags:Security threats cloud Integrity Policy Enforcement (IPE Lin

Firefox 76 will have option to enforce HTTPS-only connections

byJohn E DunnConverting websites from HTTP to HTTPS over the last decade must count as one of the most successful quiet security upgrades ever to affect web browsing.Using an HTTPS site means that your browser and the site establish an encrypted connection which can’t be snooped on by ISPs, rogue Wi-Fi access points, or anyone else trying to monitor the cont
Publish At:2020-03-27 10:24 | Read:391 | Comments:0 | Tags:Firefox Google Mozilla Security threats Web Browsers browser

Android apps are snooping on your installed software

byDanny BradburyAndroid apps are snooping on other software on your device – and that could tell shady advertising companies more about you than you’d like.The news emerged this week in a paper from researchers in Italy, the Netherlands, and Switzerland. The privacy violations centre around installed application methods (IAMs), which are applicat
Publish At:2020-03-27 10:24 | Read:605 | Comments:0 | Tags:Android Google Mobile Operating Systems Privacy Security thr

Windows has a zero-day that won’t be patched for weeks

byJohn E DunnCybercriminals are exploiting two unpatched zero-day flaws affecting all supported versions of Windows, Microsoft has warned.The Remote Code Execution (RCE) vulnerabilities affect Adobe Type Manager (ATM) Library, the part of Windows that manages PostScript Type 1 fonts.For now, there are no CVE identifiers and the only confirmed details are in
Publish At:2020-03-25 09:06 | Read:350 | Comments:0 | Tags:Microsoft Operating Systems Security threats Vulnerability W

Russia’s FSB wanted its own IoT botnet

byDanny BradburyIf you thought the Mirai botnet was bad, what about a version under the control of Russia’s military that it could point like an electronic cannon at people it didn’t like? That’s the prospect we could face after the reported emergence of secret Russian project documents online last week.The documents, which come from hackin
Publish At:2020-03-24 09:55 | Read:401 | Comments:0 | Tags:Botnet Denial of Service Government security IoT Machine Lea

Exchange rate service’s customer details hacked via AWS

byDanny BradburyOnline exchange rate data provider Open Exchange Rates has exposed an undisclosed amount of user data via an Amazon database, according to a notification letter published on Twitter this week.Open Exchange Rates provides foreign exchange data for over 200 currencies worldwide, including digital ones. Software developers can access it using an
Publish At:2020-03-20 11:29 | Read:354 | Comments:0 | Tags:Data loss Security threats Amazon Web Services data exposure

Delayed Adobe patches fix long list of critical flaws

byJohn E DunnNotice anything missing from last week’s Microsoft Patch Tuesday?Obscured by a long list of Microsoft patches and some fuss about a missing SMB fix, the answer is Adobe, which normally times its update cycle to coincide with the OS giant’s monthly schedule.It’s mostly a practical convenience – admins and end-users get all the important cli
Publish At:2020-03-19 08:57 | Read:435 | Comments:0 | Tags:Adobe Microsoft Security threats Vulnerability Acrobat Reade

Cryptojacking is almost conquered – crushed along with coinhive.com

byDanny BradburyCryptojacking may not be entirely dead following the shutdown of a notorious cryptomining service, but it isn’t very healthy, according to a paper released this week.Cryptomining websites embed JavaScript code that forces the user’s browser to begin mining for cryptocurrency. The digital asset of choice is normally Monero, which i
Publish At:2020-03-19 08:57 | Read:379 | Comments:0 | Tags:Cryptocurrency Security threats Web Browsers CoinHive crypto

Europol busts up two SIM-swapping hacking rings

byLisa VaasAfter months-long, cross-border investigations, Europol announced on Friday that it’s arrested more than two dozen people suspected of draining bank accounts by hijacking victims’ phone numbers via SIM-swap fraud.Following a ramp-up in SIM-jacking over recent months, police across Europe have been gearing up to dismantle criminal netwo
Publish At:2020-03-17 07:39 | Read:421 | Comments:0 | Tags:2-factor Authentication Law & order Malware Security threats

Microsoft patches wormable Windows 10 ‘SMBGhost’ flaw

byJohn E DunnWhat’s the difference between a scheduled security update and one that’s out-of-band?In the case of the critical Windows 10 Server Message Block (SMB) vulnerability (CVE-2020-0796) left unpatched in March’s otherwise bumper Windows Patch Tuesday update, the answer is two days.That’s how long it took Microsoft to change its mind about releasing a
Publish At:2020-03-16 08:53 | Read:504 | Comments:0 | Tags:Microsoft Operating Systems Security threats Vulnerability W

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud