HackDig : Dig high-quality web security articles for hackers

The strangest cybersecurity events of 2020: a look back

This year is finally coming to an end, and it only took us about eight consecutive months of March to get here. There is a ton to talk about, and that’s without even discussing the literal global pandemic. You see, 2020’s news stories were the pressure-cooker product of mania, chaos, and the downright absurd. “Murder hornets” made the journey to the
Publish At:2020-12-31 15:24 | Read:274 | Comments:0 | Tags:Security world 2020 certificates coronavirus coronavirus ant

The most enticing cyberattacks of 2020

In 2020, we experienced a major shift. Much of the world pitched in to limit the spread of the coronavirus, with people changing their daily routines to include a mixture of working from home, standing in socially-distanced lines, and awaiting local rules about what they could and could not do with members of different households. It was a stressful and c
Publish At:2020-12-30 16:00 | Read:273 | Comments:0 | Tags:Security world Agent Tesla coronavirus credit card skimmer c

IoT cybersecurity bill passed by Senate

Days before taking a week-long Thanksgiving recess, the US Senate passed an almost mundane cybersecurity bill that, if approved by the President, will improve security guidelines and protocols for Internet of Things (IoT) devices purchased and owned by the Federal government. The bill, called the Internet of Things Cybersecurity Improvement Act of 2020, w
Publish At:2020-11-25 13:36 | Read:239 | Comments:0 | Tags:Government Security world House of Representatives Internet

The best test for an EDR solution is one that works for you

Since its inception, the endpoint detection and response (EDR) market has evolved rapidly with new innovations to better address the cyber landscape and meet customers’ needs for an effective and simple solution that just works. But finding something that just works means something quite different for every business, depending on their size, security expe
Publish At:2020-05-28 16:55 | Read:808 | Comments:0 | Tags:Awareness Explained Opinion Security world alert fatigue aut

Going dark: encryption and law enforcement

UPDATE, 05/22/2020: In the advent of the EARN IT Act, the debate on government subversion of encryption has reignited.  Given that the material conditions of the technology have not changed, and the arguments given in favor of the bill are not novel, we’ve decided to republish the following blog outlining our stance on the subject. Originally published
Publish At:2020-05-24 07:20 | Read:841 | Comments:0 | Tags:Government Privacy Security world backdoor Department of Jus

Switching from a “Just in Time” delivery system should include planning ahead

As it becomes clear that some things will never again be the same after the global coronavirus pandemic, it is time to prepare for the future. The cybersecurity implications of upcoming changes will be most noticeable in organizations that rely on security models like the software defined perimeter. The software defined perimeter is a model closely relat
Publish At:2020-05-03 14:39 | Read:784 | Comments:0 | Tags:Security world JIT just in time sdp software change software

GDPR: An impact around the world

A little more than one month after the European Union enacted the General Data Protection Regulation (GDPR) to extend new data privacy rights to its people, the governor of California signed a separate, sweeping data protection law that borrowed several ideas from GDPR, sparking a torch in a legislative data privacy trend that has now spanned at least 10 cou
Publish At:2020-04-01 17:18 | Read:1310 | Comments:0 | Tags:Government Malwarebytes news Privacy Security world Argentin

Coronavirus impacts security conferences and events: check your schedule

With coronavirus starting to take hold globally, international travel restrictions are kicking in and more workplaces are advising to work from home whenever possible. When self-isolation is a potential solution, public gatherings are increasingly looking like a terrible idea. Events are becoming a bit of a hotspot for cases, leading to inevitably bizarre sc
Publish At:2020-03-12 15:31 | Read:1245 | Comments:0 | Tags:Security world black hat bsides cancellations conferences co

Would ‘Medicare for All’ help secure health data?

DISCLAIMER: This post is not partisan, but rather focuses on risk assessment based on history and what threats we are facing in the future. We do not endorse any healthcare plan style in any way, outside of examining its data security risk. For many folks, the term ‘Healthcare for All’ brings up an array of emotions ranging from concern to happiness, and
Publish At:2019-11-26 21:50 | Read:2803 | Comments:0 | Tags:Government Privacy Security world adam kujawa AMCA American

A Week in Security (May 08 – May 14)

Last week, we saw spam posts suddenly appearing on a celebrity’s website, talked about a malvertising campaign on Blogger, dissected a fake KPN email that led to the CTB Locker ransomware, and unmasked several tech support scam actors to put a stop to criminals banking on the Malwarebytes brand. Senior Security Researcher Jérôme Segura reported a hacki
Publish At:2016-05-16 20:50 | Read:4791 | Comments:0 | Tags:Security world Week in security recap weekly blog roundup

A Week in Security (May 01 – May 07)

Last week, we gave a comprehensive introduction about Process Explorer, analyzed an Amazon Prime spam, and presented our readers some telltale signs that show their systems are infected with malware. We also stressed our stand against paying the ransom if users find their system has ransomware. Malware Intelligence Analyst Jovi Umawing published a malicious
Publish At:2016-05-10 00:35 | Read:4242 | Comments:0 | Tags:Security world Week in security recap weekly blog roundup

A Week in Security (Apr 24 – Apr 30)

Last week, we talked about another scam that promised to reward iPhone 6s units, a fake Donald Trump spam that leads to a supposed torrent site, and a bogus LastPass browser extension found on the Chrome Web Store. Senior Security Researcher Jérôme Segura discussed the latest malvertising campaign on The Pirate Bay, somewhat a repeat of what we documented a
Publish At:2016-05-03 22:35 | Read:4401 | Comments:0 | Tags:Security world Week in security recap weekly blog roundup

FBI Announcement: Paying The Ransom is a Bad Idea

Hey Folks! So late last year a quote was going around about a comment for the Special Agent in charge of the Cyber Intelligence program for a Boston branch of the FBI that mentioned how they advise users to just pay ransomware criminals because in many cases, getting the files back by any other method would have been impossible. Now the FBI itself never offi
Publish At:2016-05-03 22:35 | Read:3970 | Comments:0 | Tags:Government Security world decrypting fbi Malwarebytes paying

A Week in Security (Apr 17 – Apr 23)

Last week, we talked about a compromise on the 55 million registered voters in the Philippines, the return of tech support scammers—with fake AV in tow—and some other interesting finds we have outline below: Senior Security Researcher Jérôme Segura revealed that malicious actors are using a fake social button plugin (those that we commonly see on websites t
Publish At:2016-04-26 08:05 | Read:5410 | Comments:0 | Tags:Security world Week in security recap weekly blog roundup

A Week in Security (Apr 10 – Apr 16)

Last week, we talked about persistent tech support scammers, a BMW 419 scam, uncovered a malvertising campaign on a popular photo leak forum, and addressed (as best as we can) the survey feedback we received from our PUP Friday readers. We also raised the question of whether one would store their data on the cloud or not. On top of this, we released an infog
Publish At:2016-04-19 11:50 | Read:4084 | Comments:0 | Tags:Security world Week in security recap weekly blog roundup


Tag Cloud