HackDig : Dig high-quality web security articles for hackers

Signal fixes verification delays caused by WhatsApp mass exodus

Signal's encrypted messaging service has recovered from delays affecting its new user verification process after a mass exodus of WhatsApp users to their platform.When setting up Signal for the first time, users must verify their mobile number using verification codes sent by the encrypted messaging provider.Due to a surge in users switching to Signal, the v
Publish At:2021-01-08 12:25 | Read:133 | Comments:0 | Tags:Software

Linux malware authors use Ezuri Golang crypter for zero detection

Multiple malware authors are using the "Ezuri" crypter and memory loader to make their code undetectable to antivirus products.Source code for Ezuri, written in Golang, is available on GitHub for anyone to use.Ezuri decrypts malware payload within memoryAccording to a report released by AT&T Alien Labs, multiple threat actors are using Ezu
Publish At:2021-01-07 09:07 | Read:189 | Comments:0 | Tags:Security Linux Software

Mozilla Firefox disabling backspace key to prevent data loss

Mozilla Firefox is disabling the browser's backspace key to prevent users from accidentally losing data typed into forms.In 2014, Google removed the ability to go back to a previous page by using the backspace key as it could cause the loss of data entered into forms on the current page."Would be useful to determine how commonly backspace is used as a "back"
Publish At:2021-01-06 21:25 | Read:175 | Comments:0 | Tags:Software

North Korean software supply chain attack targets stock investors

North Korean hacking group Thallium aka APT37 has targeted users of a private stock investment messenger service in a software supply chain attack, according to a report published this week.Up until now, the group mainly relied on phishing attacks, such as via Microsoft Office documents, to target its victims.Thallium is no
Publish At:2021-01-05 14:13 | Read:273 | Comments:0 | Tags:Security Software

Zend Framework remote code execution vulnerability revealed

An untrusted deserialization vulnerability disclosed this week in Zend Framework can be exploited by attackers to achieve remote code execution on PHP sites.This vulnerability tracked as CVE-2021-3007 may also impact some instances of Laminas Project, Zend's successor.Zend Framework consists of PHP packages installed over 570 million time
Publish At:2021-01-04 14:49 | Read:235 | Comments:0 | Tags:Security Software Vulnerability

Microsoft's unreleased Windows Core Polaris OS leaks online

A development build of Windows Core Polaris was leaked online yesterday, proving that Microsoft was actively developing the operating system designed for low-performance devices.For those unaware, Microsoft has been secretly working on a modular version of the Windows platform codenamed "Windows Core OS." With Windows Core OS, Microsoft planned to offer
Publish At:2021-01-03 19:19 | Read:130 | Comments:0 | Tags:Microsoft Software

Adobe now shows alerts in Windows 10 to uninstall Flash Player

With the Flash Player officially reaching the end of life tomorrow, Adobe has started to display alerts on Windows computers recommending that users uninstall Flash Player.When Flash Player is installed, it creates a scheduled task named 'Adobe Flash Player PPAPI Notifier' that executes the following command:"C:WindowsSysWOW64MacromedFlashFlashUtil32_32_0_0_
Publish At:2020-12-30 21:43 | Read:210 | Comments:0 | Tags:Software Microsoft Security

GitHub-hosted malware calculates Cobalt Strike payload from Imgur pic

A new strand of malware uses Word files with macros to download a PowerShell script from GitHub.This PowerShell script further downloads a legitimate image file from image hosting service Imgur to decode a Cobalt Strike script on Windows systems.Multiple researchers have linked this strain to MuddyWater (aka SeedWorm a
Publish At:2020-12-28 11:13 | Read:252 | Comments:0 | Tags:Security Software

Windows 10 Cloud PC: What is known about Microsoft's new service

According to sources, Microsoft is developing a new virtualized Windows PC experience called 'Cloud PC' that allows administrators to deploy remotely accessible Windows 10 PCs in the cloud.With Cloud PC, Microsoft would handle your organization's device configuration with regular updates, security improvements, and managed support. This new feature is part o
Publish At:2020-12-27 15:43 | Read:246 | Comments:0 | Tags:Microsoft Software Cloud

Google Chrome is testing larger cache sizes to increase performance

Google is experimenting with increased storage for the browser cache to reduce the performance hit caused by the recently added partitioned cache feature.Before Chrome 85, the browser used a single storage bucket to store cached resources, such as images, audio, video, and HTML content for all pages that you have previously visited. When Chrome opens a web p
Publish At:2020-12-24 13:37 | Read:298 | Comments:0 | Tags:Google Software

Holiday deal exclusive: Get 20% off Emsisoft Anti-Malware

Emsisoft has provided BleepingComputer visitors an exclusive holiday deal where you can get 20% off Emsisoft Anti-Malware until the end of the year.If you have been waiting to purchase an antivirus program or know someone who needs protection for their computer, this is an excellent deal on a superior product. Emsisoft is a powerful anti-virus solu
Publish At:2020-12-23 14:13 | Read:222 | Comments:0 | Tags:Software Security

Google is bringing Discover to other Chromium browsers

According to new code references found in the open-source Chromium platform, Chromium-based browsers like Vivaldi and Brave should soon be able to take advantage of Google's personalized news feed called 'Discover'.Google Discover (previously known as Google Feed or Google Now Feed) is a personalized content feed that serves relevant news and non-news c
Publish At:2020-12-21 11:31 | Read:201 | Comments:0 | Tags:Google Software

Google Chrome disables insecure form warnings after complaints

Google has disabled a feature that displays a warning when submitting insecure forms after receiving many complaints from users and website administrators.Google has been focusing on removing mixed-content in Google Chrome, when a secure page (HTTPS) loads content from an insecure (HTTP) URL. As part of this initiative, Google rolled out a new feature i
Publish At:2020-12-18 13:19 | Read:169 | Comments:0 | Tags:Google Software

Holiday deal: 40% off Malwarebytes Premium and Teams

Malwarebytes is running a holiday deal where you can get 40% off Malwarebytes Premium and the Malwarebytes for Teams business product for a limited time.If you have been waiting to purchase a license or know someone who needs a good antivirus program, these savings are significant. This is especially true if you buy multi-year multi-device lic
Publish At:2020-12-17 13:55 | Read:217 | Comments:0 | Tags:Software Security

Firefox 84 dramatically boosts performance on Apple Silicon Macs

Mozilla Firefox 84 was released today with a dramatic performance boost after adding native support on macOS devices with Apple Silicon processors.Windows, Mac, and Linux desktop users can upgrade to Firefox 84 by going to Options -> Help -> About Firefox. The browser will automatically check for the new update and install it w
Publish At:2020-12-15 11:13 | Read:202 | Comments:0 | Tags:Software Apple Linux

Tools

Tag Cloud