HackDig : Dig high-quality web security articles for hackers

Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

The U.S. Justice Department this week indicted seven Chinese nationals for a decade-long hacking spree that targeted more than 100 high-tech and online gaming companies. The government alleges the men used malware-laced phishing emails and “supply chain” attacks to steal data from companies and their customers. One of the alleged hackers was firs
Publish At:2020-09-17 18:57 | Read:109 | Comments:0 | Tags:Ne'er-Do-Well News anvisoft APT41 Barium Chengdu 404 Cisco C

‘War Dialing’ Tool Exposes Zoom’s Password Problems

As the Coronavirus pandemic continues to force people to work from home, countless companies are now holding daily meetings using videoconferencing services from Zoom. But without the protection of a password, there’s a decent chance your next Zoom meeting could be “Zoom bombed” — attended or disrupted by someone who doesn’t bel
Publish At:2020-04-02 11:45 | Read:674 | Comments:0 | Tags:A Little Sunshine The Coming Storm Time to Patch Dave Kenned

Apple Explains Mysterious iPhone 11 Location Requests

KrebsOnSecurity ran a story this week that puzzled over Apple‘s response to inquiries about a potential privacy leak in its new iPhone 11 line, in which the devices appear to intermittently seek the user’s location even when all applications and system services are individually set never to request this data. Today, Apple disclosed that this beha
Publish At:2019-12-05 16:40 | Read:1184 | Comments:0 | Tags:A Little Sunshine apple iPhone 11 Techcrunch Ultra Wideband

Avast, NordVPN Breaches Tied to Phantom User Accounts

Antivirus and security giant Avast and virtual private networking (VPN) software provider NordVPN each today disclosed months-long network intrusions that — while otherwise unrelated — shared a common cause: Forgotten or unknown user accounts that granted remote access to internal systems with little more than a password. Based in the Czech Repub
Publish At:2019-10-21 21:40 | Read:4579 | Comments:0 | Tags:Data Breaches Avast breach FileHippo Jaya Baloo Kenneth Whit

Is Your Mobile Carrier Your Weakest Link?

More online services than ever now offer two-step authentication — requiring customers to complete a login using their phone or other mobile device after supplying a username and password. But with so many services relying on your mobile for that second factor, there has never been more riding on the security of your mobile account. Below are some tips
Publish At:2017-09-01 00:45 | Read:4482 | Comments:0 | Tags:Other AT&T Authy Bictoin theft CloudFlare Google Authenticat

Inside a Porn-Pimping Spam Botnet

For several months I’ve been poking at a decent-sized spam botnet that appears to be used mainly for promoting adult dating sites. Having hit a wall in my research, I decided it might be good to publish what I’ve unearthed so far to see if this dovetails with any other research out there. In late October 2016, an anonymous source shared with Kreb
Publish At:2017-06-15 23:20 | Read:9808 | Comments:0 | Tags:Other 55687349 AmateurMatch cecash CyberErotica Deniro Marke

Check out our co-founder’s security advice to the auto industry in TechCrunch

After hacking a Tesla over the past year, Kevin Mahaffey came to a simple conclusion: “When you connect a car to the Internet, it is no longer just a car: It is a computer on wheels.” He recently published his thoughts in an Op/Ed with TechCrunch, which you can read here. Computers need a special kind of security attention. It’s not enough to crash plastic
Publish At:2015-09-15 01:40 | Read:3240 | Comments:0 | Tags:Security connected cars Techcrunch Tesla

Kreditech Investigates Insider Breach

Kreditech, a consumer finance startup that specializes in lending to “unbanked” consumers with little or no credit rating, is investigating a data breach that came to light after malicious hackers posted thousands of applicants’ personal and financial records online. A screen shot of the Tor site that links to the documents stolen from Kred
Publish At:2015-03-24 07:35 | Read:3093 | Comments:0 | Tags:A Little Sunshine Data Breaches A4 Anna Friedrich Corey Well

Tools

Tag Cloud