HackDig : Dig high-quality web security articles for hackers

Apple releases iOS 14, watchOS 7 and more with security updates

This week Apple released updates to most of its operating systems and the macOS version of the Safari browser. Here’s a brief rundown of the security fixes included with each update as well as some of the non-security changes.iOS 14.0 and iPadOS 14.0Available for: iPhone 6s and later, iPod touch 7th generation, iPad Air 2 and later, and iPad mini 4 and
Publish At:2020-09-19 02:22 | Read:398 | Comments:0 | Tags:Security News Security Updates IOS security

Apple releases macOS Catalina 10.15.6, iOS 13.6, and more

This week Apple released updates to all of its operating systems and Safari browser. Here’s a brief rundown of new features and security-related fixes included with each update.iOS 13.6 and iPadOS 13.6Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generationApple describes these updates’ new fe
Publish At:2020-07-17 17:15 | Read:456 | Comments:0 | Tags:Software & Apps Security Updates IOS

Apple releases macOS Catalina 10.15.3, iOS 13.3.1, and more

This week Apple released updates to all of its operating systems and Safari browser. Here’s a brief rundown of new features and security-related fixes included with each update.iOS 13.3.1 and iPadOS 13.3.1Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generationApple describes the update’s new
Publish At:2020-01-31 09:00 | Read:1003 | Comments:0 | Tags:Software & Apps Security Updates IOS

Apple issues iOS 13.1.1 and security updates for every OS, even iOS 12

UPDATE: On Friday, September 27, Apple released two more updates—iOS 13.1.1 and iPadOS 13.1.1—to address the following issue:SandboxImpact: Third party app extensions may not receive the correct sandbox restrictionsDescription: A logic issue applied the incorrect restrictions. This issue was addressed by updating the logic to apply the correct restrictions.O
Publish At:2019-09-27 22:10 | Read:2467 | Comments:0 | Tags:Software & Apps iOS iOS 12 Security Updates watchOS 5 IOS

Google sets Android security updates rules but enforcement is unclear

The vendor requirements for Android are a strange and mysterious thing but a new leak claims Google has added language to force manufacturers to push more regular Android security updates. According to The Verge, Google’s latest contract will require OEMs to supply Android security updates for two years and provide at least four updates within the firs
Publish At:2019-09-19 23:05 | Read:1390 | Comments:0 | Tags:Android Google Google Apps Google Play Store Security update

ClearEnergy ransomware can destroy process automation logics in critical infrastructure, SCADA and industrial control sy

Schneider Electric, Allen-Bradley, General Electric (GE) and more vendors are vulnerable to ClearEnergy ransomware. Researchers at CRITIFENCE® Critical Infrastructure and SCADA/ICS Cyber Threats Research Group have demonstrated this week a new proof of concept ransomware attack aiming to erase (clear) the ladder logic diagram in Programmable Logic Controlle
Publish At:2017-04-16 11:35 | Read:7806 | Comments:0 | Tags:Critical Infrastructures Cyber Security Cyber Security Resea

[CRITICAL] CVE-2015-7547: glibc getaddrinfo stack-based buffer overflow

Have you ever been deep in the mines of debugging and suddenly realized that you were staring at something far more interesting than you were expecting? You are not alone! Recently a Google engineer noticed that their SSH client segfaulted every time they tried to connect to a specific host. That engineer filed a ticket to investigate the behavior and after
Publish At:2016-11-20 03:20 | Read:6066 | Comments:0 | Tags:Application Security Cyber Security Cyber Security Research

[CRITICAL] Nissan Leaf Can Be Hacked Via Web Browser From Anywhere In The World

What if a car could be controlled from a computer halfway around the world? Computer security researcher and hacker Troy Hunt has managed to do just that, via a web browser and an Internet connection, with an unmodified Nissan Leaf in another country. While so far the control was limited to the HVAC system, it’s a revealing demonstration of what’s possible.
Publish At:2016-11-20 03:20 | Read:5447 | Comments:0 | Tags:Cyber Security Cyber Security Research Security Updates 0xic

OnionDog APT targets Critical Infrastructures and Industrial Control Systems (ICS)

The Helios Team at 360 SkyEye Labs revealed that a group named OnionDog has been infiltrating and stealing information from the energy, transportation and other infrastructure industries of Korean-language countries through the Internet. OnionDog’s first activity can be traced back to October, 2013 and in the following two years it was only active between l
Publish At:2016-11-20 03:20 | Read:6057 | Comments:0 | Tags:Critical Infrastructures Cyber Security Cyber Warfare ICS SC

Kemuri Water Company (KWC) | Hackers change chemical settings at water treatment plant

Hackers manipulated the programmable logic controllers that managed the amount of chemicals used to treat the water to make it safe to drink.   NEW YORK — March 23, 2016 — Hackers breached a water company’s industrial control system and made changes to valve and flow control settings, Verizon revealed in its latest Data Breach Digest. The unnamed w
Publish At:2016-11-20 03:20 | Read:9666 | Comments:0 | Tags:Critical Infrastructures Cyber Security ICS SCADA Security U

Physical Backdoor | Remote Root Vulnerability in HID Door Controllers

If you’ve ever been inside an airport, university campus, hospital, government complex, or office building, you’ve probably seen one of HID’s brand of card readers standing guard over a restricted area. HID is one of the world’s largest manufacturers of access control systems and has become a ubiquitous part of many large companies’ physical security postur
Publish At:2016-11-20 03:20 | Read:6208 | Comments:0 | Tags:Critical Infrastructures Cyber Security ICS Physical Securit

Waze | Another way to track your moves

Millions of drivers use Waze, a Google-owned navigation app, to find the best, fastest route from point A to point B. And according to a new study, all of those people run the risk of having their movements tracked by hackers. Researchers at the University of California-Santa Barbara recently discovered a Waze vulnerability that allowed them to create thou
Publish At:2016-11-20 03:20 | Read:6173 | Comments:0 | Tags:Application Security Cyber Security Mobile Security Security

Flaws in Samsung’s ‘Smart’ Home Let Hackers Unlock Doors and Set Off Fire Alarms

  A smoke detector that sends you a text alert when your house is on fire seems like a good idea. An internet-connected door lock with a PIN that can be programmed from your smartphone sounds convenient, too. But when a piece of malware can trigger that fire alarm at four in the morning or unlock your front door for a stranger, your “smart home” sud
Publish At:2016-11-20 03:20 | Read:5203 | Comments:0 | Tags:Cyber Security Cyber Security Research IoT Physical Security

Discover how many ways there were to hack your Apple TV

Apple has patched more than 60 vulnerabilities affecting the Apple TV, including flaws that can lead to arbitrary code execution and information disclosure. IoT devices are enlarging our attack surface, we are surrounded by devices that manage a huge quantity of information and that could be abused by hackers. Apple has patched more than 60 vulnerabilities a
Publish At:2016-02-26 09:45 | Read:3802 | Comments:0 | Tags:Breaking News Hacking Security Apple TV IoT privacy Remote C

Another Door to Windows | Hot Potato exploit

Microsoft Windows versions 7, 8, 10, Server 2008 and Server 2012 vulnerable to Hot Potato exploit which gives total control of PC/laptop to hackers Security researchers from Foxglove Security have discovered that almost all recent versions of Microsoft’s Windows operating system are vulnerable to a privilege escalation exploit. By chaining together a series
Publish At:2016-01-25 03:00 | Read:4788 | Comments:0 | Tags:Cyber Security Cyber Security Research Exploits Security Upd

Tools