HackDig : Dig high-quality web security articles

New MacStealer macOS malware appears in the cybercrime underground

A new MacStealer macOS malware allows operators to steal iCloud Keychain data and passwords from infected systems. Uptycs researchers team discovered a new macOS information stealer, called MacStealer, which allows operators to steal iCloud Keychain data and passwords from infected systems. The macOS malware can steal documents, credit card data, cook
Publish At:2023-03-27 19:00 | Read:14329 | Comments:0 | Tags:Breaking News Malware Cybercrime Hacking hacking news inform

Apple fixes recently disclosed CVE-2023-23529 zero-day on older devices

Apple released updates to backport security patches that address actively exploited CVE-2023-23529 WebKit zero-day for older iPhones and iPads. Apple released security updates to backport patches that address an actively exploited zero-day flaw (CVE-2023-23529) for older iPhones and iPads. The CVE-2023-23529 flaw is a type confusion issue in WebKit tha
Publish At:2023-03-27 19:00 | Read:17232 | Comments:0 | Tags:Breaking News Hacking Security Apple CVE-2023-23529 hacking

Technical analysis of China-linked Earth Preta APT’s infection chain

China-linked Earth Preta cyberespionage group has been observed adopting new techniques to bypass security solutions. Trend Micro researchers reported that the China-linked Earth Preta group (aka Mustang Panda) is actively changing its tools, tactics, and procedures (TTPs) to bypass security solutions. Earth Preta, also known as “RedDelta” or “Bronze
Publish At:2023-03-27 08:56 | Read:23084 | Comments:0 | Tags:APT Breaking News Hacking Malware Earth Preta hacking news i

OpenAI: A Redis bug caused a recent ChatGPT data exposure incident

OpenAI revealed that a Redis bug was the root cause of the recent exposure of users’ personal information and chat titles in ChatGPT service. On Friday, OpenAI revealed that the recent exposure of users’ personal information and chat titles in its chatbot service was caused by a bug in the Redis open-source library. On March 20, 2023, sever
Publish At:2023-03-26 20:26 | Read:42723 | Comments:0 | Tags:Breaking News Data Breach data leak Hacking information secu

Microsoft shares guidance for investigating attacks exploiting CVE-2023-23397

Microsoft is warning of cyber attacks exploiting a recently patched Outlook vulnerability tracked as CVE-2023-23397 (CVSS score: 9.8). Microsoft published guidance for investigating attacks exploiting recently patched Outlook vulnerability tracked as CVE-2023-23397. The flaw is a Microsoft Outlook spoofing vulnerability that can lead to an authenticati
Publish At:2023-03-26 12:30 | Read:25835 | Comments:0 | Tags:APT Breaking News Hacking Security CVE-2023-23397 Cyberespio

Vice Society claims attack on Puerto Rico Aqueduct and Sewer Authority

Puerto Rico Aqueduct and Sewer Authority (PRASA) is investigating a cyber attack with the help of the FBI and US CISA. The Puerto Rico Aqueduct and Sewer Authority (PRASA) is investigating a cyberattack that last week hit the agency. The agency quickly activated the incident response procedure after the attack. The attack was disclosed on March 19, and
Publish At:2023-03-26 03:20 | Read:53577 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware Cybercrime data br

NCA infiltrates the cybercriminal underground with fake DDoS-for-hire sites

The U.K. National Crime Agency (NCA) revealed that it has set up a number of fake DDoS-for-hire sites to infiltrate the online criminal underground. The UK National Crime Agency announced it has infiltrated the online criminal marketplace by setting up several sites purporting to offer DDoS-for-hire services. DDoS-for-hire or ‘booter’ services allows r
Publish At:2023-03-25 20:38 | Read:40941 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Cybercrime DDoS DDoS-for-h

Pwn2Own Vancouver 2023 awarded $1,035,000 and a Tesla for 27 0-days

On the third day of the Pwn2Own Vancouver 2023 hacking contest, the organization awarded $185,000 for 10 zero-day exploits. Pwn2Own Vancouver 2023 is ended, contestants disclosed 27 unique zero-days and the organization awarded a total of $1,035,000 and a Tesla Model 3. The team Synacktiv (@Synacktiv) (Benoist-Vanderbeken, David Berard, Vincent Dehors, Ta
Publish At:2023-03-25 12:42 | Read:38791 | Comments:0 | Tags:Breaking News Hacking Security information security news IT

CISA announced the Pre-Ransomware Notifications initiative

The US Cybersecurity and Infrastructure Security Agency (CISA) announced the Pre-Ransomware Notifications service to help organizations stop ransomware attacks before damage occurs. The US Cybersecurity and Infrastructure Security Agency announced a new Pre-Ransomware Notification initiative that aims at alerting organizations of early-stage ransomware at
Publish At:2023-03-24 20:50 | Read:52772 | Comments:0 | Tags:Breaking News Malware Security CISA Cybercrime Hacking hacki

China-linked hackers target telecommunication providers in the Middle East

Researchers reported that China-linked hackers targeted telecommunication providers in the Middle East in the first quarter of 2023. In the first quarter of 2023, SentinelLabs researchers spotted the initial phases of attacks against telecommunication providers in the Middle East. According to the researchers, the activity is part of the Operation Soft
Publish At:2023-03-24 17:28 | Read:46066 | Comments:0 | Tags:APT Breaking News Hacking Intelligence Malware China hacking

City of Toronto is one of the victims hacked by Clop gang using GoAnywhere zero-day

Clop ransomware gang added the City of Toronto to the list of its victims, it is another organization compromised by exploiting GoAnywhere zero-day. Clop ransomware gang added the City of Toronto to the list of victims published on its Tor leak site. The City was targeted as part of a campaign exploiting the recently disclosed zero-day vulnerability
Publish At:2023-03-24 16:52 | Read:62039 | Comments:0 | Tags:Breaking News Cyber Crime Data Breach Hacking Malware City o

Critical flaw in WooCommerce Payments plugin allows site takeover

A patch for a critical vulnerability in the WooCommerce Payments plugin for WordPress has been released for over 500,000 websites. On March 23, 2023, researchers from Wordfence observed that the “WooCommerce Payments – Fully Integrated Solution Built and Supported by Woo” plugin had been updated to version 5.6.2. The WooCommerce Payments plugin is a f
Publish At:2023-03-24 11:40 | Read:55564 | Comments:0 | Tags:Breaking News Hacking Security information security news IT

Pwn2Own Vancouver 2023 Day 2: Microsoft Teams, Oracle VirtualBox, and Tesla hacked

On the second day of Pwn2Own Vancouver 2023, the organization awarded $475,000 for 10 unique zero-day vulnerabilities. On the second day of Pwn2Own Vancouver 2023, the organization awarded $475,000 for 10 unique zero-day vulnerabilities, bringing the total awarded to $850,000! The bug hunters demonstrated zero-day attacks against the Oracle VirtualBox
Publish At:2023-03-24 08:56 | Read:37152 | Comments:0 | Tags:Breaking News Hacking hacking news information security news

A million at risk from user data leak at Korean beauty platform PowderRoom

South Korean beauty content platform, PowderRoom, has leaked the personal information of nearly one million people. Established in 2003, PowderRoom is a South Korean beauty content platform connecting 3.5 million members and thousands of beauty brands It calls itself the first and the biggest beauty community in South Korea that “allows you to experie
Publish At:2023-03-23 18:50 | Read:68157 | Comments:0 | Tags:Breaking News Data Breach Hacking hacking news information s

Experts published PoC exploit code for Veeam Backup & Replication bug

Researchers released a PoC exploit code for a high-severity vulnerability in Veeam Backup & Replication (VBR) software. Veeam recently addressed a high-severity flaw, tracked as CVE-2023-27532, in Veeam Backup and Replication (VBR) software. An unauthenticated user with access to the Veeam backup service (TCP 9401 by default) can exploit the flaw to r
Publish At:2023-03-23 17:40 | Read:51727 | Comments:0 | Tags:Breaking News Hacking hacking news information security news

Announce

Share high-quality web security related articles with you:)
Tell me why you support me <3

Tag Cloud