HackDig : Dig high-quality web security articles for hackers

Avaddon ransomware decryptor released, but operators quickly reacted

An expert released a free decryption tool for the Avaddon ransomware, but operators quickly updated malware code to make it inefficient. The Spanish student Javier Yuste has released a free decryption tool for the Avaddon ransomware that can be used by the victims to recover their encrypted files for free. Yuste is a student at the Rey Juan Carlos Univ
Publish At:2021-02-11 19:00 | Read:153 | Comments:0 | Tags:Cyber Crime Hacking Malware Uncategorized hacking news infor

Intro to DevSecOps: Why Integrated Security is Key in 2021

The unprecedented events of 2020 only accelerated the adoption of cloud-based business models. These highly scalable solutions and services have made work easier for employees calling in from home. However, the drastic increase in internet and application usage last year highlighted the importance of improved security measures. That’s where DevSecOps
Publish At:2021-02-09 08:17 | Read:177 | Comments:0 | Tags:Uncategorized DevOps Integrated Security security

Injecting Rogue DNS Records Using DHCP

During an Internal Penetration Test or Adversarial Attack Simulation (Red Team), TrustedSec will deploy a rogue, Linux-based networking device onto a client’s network. These devices will sometimes obtain an IP address via DHCP and establish an outbound connection wherein we can perform our testing. Every client network is different, but we have
Publish At:2021-02-02 10:24 | Read:157 | Comments:0 | Tags:Uncategorized

THREAT ALERT: Crypto miner attack involving RinBot’s server, a popular Discord bot

The Sysdig Security Research team has identified crypto mining activities coming from the server hosting the popular RinBot Discord bot. Discord is a free app for mobile and computers that lets people chat via text, voice, or video in real time. With more than 100 million active users during 2020, Discord is extremely popular among young people and gamer
Publish At:2021-01-27 19:25 | Read:188 | Comments:0 | Tags:Uncategorized Detection falco Kubernetes Sysdig Monitor Sysd

Hacker leaks data of 2.28M users of dating site MeetMindful

A well-known threat actor has leaked data belonging to 2.28 million users registered on the dating website MeetMindful. ZDNet first reported that the well-known threat actor ShinyHunters has leaked the data of more than 2.28 million users registered on the dating site MeetMindful. The threat actor leaked the data for free download on a publicly accessi
Publish At:2021-01-24 14:43 | Read:240 | Comments:0 | Tags:Uncategorized data leak Hacking hacking news information sec

Stackrox Acquisition: The Race to Secure Containers

Today, Red Hat announced its intent to acquire Stackrox. This is a very exciting development in the world of cloud-native security! First and foremost, congratulations to Stackrox, an early participant in the container security space. This acquisition is a great outcome for Stackrox given their nascent scale and on-premises offering. It also validates th
Publish At:2021-01-07 19:49 | Read:237 | Comments:0 | Tags:Uncategorized

5 Best practices for ensuring secure container images

Most modern organizations understand that the earlier you integrate security into the development process, the more secure the applications will be in production. For containerized workloads, securing the container image throughout the application life cycle is a critical part of security, but many organizations don’t even follow basic best practices for e
Publish At:2020-12-29 13:25 | Read:330 | Comments:0 | Tags:Uncategorized

Detect CVE-2020-8554 using Falco

CVE-2020-8554 is a vulnerability that particularly affects multi-tenant Kubernetes clusters. If a potential attacker can create or edit services and pods, then they may be able to intercept traffic from other pods or nodes in the cluster. An attacker that is able to create a ClusterIP service and set the spec.externalIPs field can intercept traffic
Publish At:2020-12-23 13:13 | Read:263 | Comments:0 | Tags:Falco Uncategorized

Cooking the perfect holiday ham with IoT, Prometheus, and you

With the holidays upon us around the world, some folks here at Sysdig decided to take a technological approach to holiday cooking. How, you ask? By adding a little PromQL to the mix. A home kitchen during the holidays can be a very frenetic place. There are often many, many dishes being prepared at the same time and cooked in sequence. Some
Publish At:2020-12-22 13:49 | Read:345 | Comments:0 | Tags:Uncategorized

Bypassing Windows SmartScreen

God, it’s been forever since I made an update. I figured if I was to make an update after more than a year’s absence, it better damned well be a good fucking update. Feels like the last time I updated this blog OK, so SmartScreen is a Windows Defender utility that comes with Windows 10. It pops up a warning if you attempt to run a binary that is
Publish At:2020-12-19 05:27 | Read:499 | Comments:0 | Tags:Uncategorized 0day dll smartscreen bypassing

UK NCSC’s alert urges orgs to fix MobileIron CVE-2020-15505 RCE

The UK NCSC issued an alert to urge organizations to patch the critical CVE-2020-15505 RCE vulnerability in MobileIron MDM systems. The UK National Cyber Security Centre (NCSC) issued an alert urging organizations to address the critical CVE-2020-15505 remote code execution (RCE) vulnerability in MobileIron mobile device management (MDM) systems. MDM p
Publish At:2020-11-25 07:18 | Read:402 | Comments:0 | Tags:Uncategorized CVE-2020-15505 Hacking hacking news informatio

TA505: A Brief History Of Their Time

Threat Intel Analyst: Antonis Terefos (@Tera0017) Data Scientist: Anne Postma (@A_Postma) 1. Introduction TA505 is a sophisticated and innovative threat actor, with plenty of cybercrime experience, that engages in targeted attacks across multiple sectors and geographies for financial gain. Over time, TA505 evolved from a lesser partner to a mature, self
Publish At:2020-11-18 06:08 | Read:395 | Comments:0 | Tags:Uncategorized

Muhstik botnet adds Oracle WebLogic and Drupal exploits

The Muhstik botnet leverages known web application exploits to compromise IoT devices; now it is targeting Oracle WebLogic and Drupal. Muhstik is a botnet that is known to use web application exploits to compromise IoT devices; it has been around since at least 2018. Botnet operators monetize their efforts via XMRig, cgmining and with DDoS-for-hire services. T
Publish At:2020-11-11 15:41 | Read:419 | Comments:0 | Tags:Uncategorized exploit botnet

Netflix’s ‘The Social Dilemma’: An Eye-Opener to a Silent Existential Crisis, or an Overblown Scare Tactic?

“What I want people to know is
Publish At:2020-11-11 10:23 | Read:527 | Comments:0 | Tags:Data Privacy Data Protection Mobile Security Online Privacy

Decrypting OpenSSH sessions for fun and profit

Author: Jelle Vergeer Introduction A while ago we had a forensics case in which a Linux server was compromised and a modified OpenSSH binary was loaded into the memory of a webserver. The modified OpenSSH binary was used as a backdoor to the system for the attackers. The customer had pcaps and a hypervisor snapshot of the system at the moment it was co
Publish At:2020-11-11 06:25 | Read:496 | Comments:0 | Tags:Uncategorized
