HackDig : Dig high-quality web security articles for hacker

UK Researcher Finds Stupid Simple Method to Bypass PayPal 2FA

UK security researcher Henry Hoggard has found a very simple method of bypassing PayPal's two-factor authentication (2FA) mechanism, allowing an attacker to take over PayPal accounts in less than a minute. The researcher claims to have discovered this method while in a hotel with no telephone signal, and no way to receive the 2FA verification code to his
Publish At:2016-10-25 00:20 | Read:3312 | Comments:0 | Tags:Security Blog

"Hacktivist" Comic Inspired by Anonymous Set to Become TV Show

The CW Network has bought the rights to a TV show based on the graphic novel "Hacktivist," created by none other than Hollywood superstar Alyssa Milano. Milano created Hacktivist inspired by the Anonymous movement and released it in 2014, with the help of writers Jackson Lanzing and Collin Kelly, and illustrator Marcus To. Since then, the novel has
Publish At:2016-10-19 08:35 | Read:2593 | Comments:0 | Tags:Security Blog

First-Ever Ransomware Written in GoLang Is a Dud

The first ever ransomware variant detected written in Google's Go programming language isn't the success its authors hoped it would be, with researchers cracking its encryption and releasing a free decrypter. Detected under the generic name of Trojan.Encoder.6491, this ransomware variant appeared only three days ago. According to Dr.Web, an antivirus maker b
Publish At:2016-10-13 05:30 | Read:3728 | Comments:0 | Tags:Security Blog

OverSight Mac App Tells You When Malware Is Accessing Your Camera and Microphone

Patrick Wardle, a renowned Mac security expert, has released this week a new app called OverSight that will alert users whenever malware, or other legitimate processes, try to access the computer's microphone or camera. The expert says he created the app as a way to fight back some of the sneaky tricks malware is employing on macOS devices in order to spy
Publish At:2016-10-07 03:25 | Read:3808 | Comments:0 | Tags:Security Blog

Office 365 Administrator Accounts Go on Sale on Dark Web Portal

A Dark Web portal that launched in August 2016 is selling access to 12 Office 365 accounts for prices ranging from $15 to $100. The website, which goes by the name of Open Hacking Lab (OHL) and was founded by an individual that goes by the name of r3s15tanc3, is selling hacked credentials, hacking tools, and hacking services. While there are plenty of Dark Web
Publish At:2016-10-01 01:20 | Read:3261 | Comments:0 | Tags:Security Blog

Exploit Vendor Offers $1.5 Million for iOS 10 Zero-Days

Zerodium, a company that buys zero-day exploits and then sells them to government agencies around the world, has raised its prices for a series of security flaws it desperately wants to get its hands on. First and foremost, the company has tripled the price it pays for an iOS zero-day. While last year Zerodium held a competition and paid $1 million for the fi
Publish At:2016-09-30 07:00 | Read:4351 | Comments:0 | Tags:Security Blog IOS exploit

Firefox May Get Tracking Protection on Normal Tabs, Not Just in Private Browsing

Yesterday, Mozilla announced three new experimental features via its Test Pilot program, one of which will have a serious impact on the privacy of Firefox users if approved. The Test Pilot program is available as a Firefox add-on that allows users to activate experimental features inside their Firefox stable branch. This is how Mozilla runs tests for upcoming
Publish At:2016-09-29 12:45 | Read:2908 | Comments:0 | Tags:Security Blog

97 Percent of Top 1000 Orgs Have Lost Sensitive Credentials in Recent Hacks

An analysis of the Forbes Top 1000 companies reveals that 97 percent of all organizations have been affected by recent data breaches at large Internet services. Researchers from Digital Shadows said they'd found 5,550,485 credentials associated with enterprise email addresses or users related in some other form with these Forbes Top 1000 companies. These c
Publish At:2016-09-25 17:25 | Read:3746 | Comments:0 | Tags:Security Blog

New DDoS Attacks Cripple Blizzard's Network Two Days in a Row

Blizzard Entertainment, the company behind many of today's most popular games, has been hit by two more DDoS attacks, one today and another one yesterday, after being previously targeted on Sunday night too. Just like the first DDoS attack, PoodleCorp took credit for the attacks through a series of tweets posted on their account. The DDoS attacks crip
Publish At:2016-09-21 22:05 | Read:4202 | Comments:0 | Tags:Security Blog DDOS

Hacktivist Group Promises to Take Down Worldwide Media with DDoS Attacks

A group of hackers calling themselves the Powerful Greek Army (stylized PøwerfulGreəkArmy), have promised to take down media agencies worldwide with DDoS attacks tomorrow, September 22, 2016. The campaign, nicknamed #OpClosedMedia is currently a hot topic in the hacking community on Twitter, with many hackers, skids, and security researchers alike, wai
Publish At:2016-09-21 22:05 | Read:2952 | Comments:0 | Tags:Security Blog DDOS

Malvertising Campaign Using RIG EK Detected Pushing CrypMIC Ransomware

Security experts from Heimdal Security are warning against a new wave of malvertising that redirects users to malicious websites hosting the RIG exploit kit, which in the end infects victims with the CrypMIC ransomware. This most recent wave of infections comes on the heels of a malvertising campaign that Cisco and GoDaddy brought down at the start of the mon
Publish At:2016-09-21 03:45 | Read:4699 | Comments:0 | Tags:Security Blog

Blizzard Hit with DDoS Attack, PoodleCorp Takes Credit

Blizzard servers were down today after PoodleCorp, a hacking crew, revealed it targeted the service with a DDoS attack. Blizzard admitted the incident on Twitter, where a representative wrote, "We are currently monitoring a DDOS attack against network providers which is affecting latency/connections to our games." The attack lasted only about an hour
Publish At:2016-09-19 15:05 | Read:4204 | Comments:0 | Tags:Security Blog DDOS

EurekAlert Shuts Down Website Following "Serious Security Breach"

EurekAlert took down its website last night following an incident which the service has labeled as "a serious security breach." All links pointing to the site now redirect to a page that informs users of the incident. The page is dated September 13, 2016 - 10:10 p.m. EDT. In the statement plastered to its homepage, EurekAlert said they were notified
Publish At:2016-09-15 01:30 | Read:3284 | Comments:0 | Tags:Security Blog

New USB Kill 2.0 Thumb Drive Can Kill Your Laptop or PC in a Second

A Hong Kong company is selling a USB thumb drive called USB Kill 2.0 that can fry any computer it's plugged into by introducing a power surge via the USB port. Last year, a device called USB Killer developed by a Russian hacker named Dark Purple made waves online because of its ability to destroy any computer the hacker wanted. Now, a Hong Kong company tha
Publish At:2016-09-09 17:45 | Read:3263 | Comments:0 | Tags:Security Blog

Project Argus Is an Outlook Plugin for Reporting Phishing Attacks

Project Argus is a recently released Microsoft Outlook plugin that lets users easily report suspicious or phishing emails to their incident response team. Developed by Snow Offensive Security, Project Argus adds a button to the Outlook ribbon UI, which, when pressed, takes the currently open email and forwards it to a pre-configured email address, usually bel
Publish At:2016-09-04 10:00 | Read:4760 | Comments:0 | Tags:Security Blog
