HackDig : Dig high-quality web security articles for hackers

UK NCSC’s alert urges orgs to fix MobileIron CVE-2020-15505 RCE

The UK NCSC issued an alert to urge organizations to patch the critical CVE-2020-15505 RCE vulnerability in MobileIron MDM systems. The UK National Cyber Security Centre (NCSC) issued an alert urging organizations to address the critical CVE-2020-15505 remote code execution (RCE) vulnerability in MobileIron mobile device management (MDM) systems. MDM p
Publish At:2020-11-25 07:18 | Read:43 | Comments:0 | Tags:Uncategorized CVE-2020-15505 Hacking hacking news informatio

TA505: A Brief History Of Their Time

Threat Intel Analyst: Antonis Terefos (@Tera0017) Data Scientist: Anne Postma (@A_Postma) 1. Introduction TA505 is a sophisticated and innovative threat actor, with plenty of cybercrime experience, that engages in targeted attacks across multiple sectors and geographies for financial gain. Over time, TA505 evolved from a lesser partner to a mature, self
Publish At:2020-11-18 06:08 | Read:145 | Comments:0 | Tags:Uncategorized

Muhstik botnet adds Oracle WebLogic and Drupal exploits

Muhstik botnet leverages known web application exploits to compromise IoT devices; it is now targeting Oracle WebLogic and Drupal. Muhstik is a botnet that is known to use web application exploits to compromise IoT devices; it has been around since at least 2018. Botnet operators monetize their efforts via XMRig, cgmining and with DDoS-for-hire services. T
Publish At:2020-11-11 15:41 | Read:143 | Comments:0 | Tags:Uncategorized exploit botnet

Netflix’s ‘The Social Dilemma’: An Eye-Opener to a Silent Existential Crisis, or an Overblown Scare Tactic?

Netflix’s ‘The Social Dilemma’: An Eye-Opener to a Silent Existential Crisis, or an Overblown Scare Tactic? November 11th, 2020 No Comments Data Privacy, Data Protection, Mobile Security, Online Privacy, Uncategorized “What I want people to know is
Publish At:2020-11-11 10:23 | Read:189 | Comments:0 | Tags:Data Privacy Data Protection Mobile Security Online Privacy

Decrypting OpenSSH sessions for fun and profit

Author: Jelle Vergeer Introduction A while ago we had a forensics case in which a Linux server was compromised and a modified OpenSSH binary was loaded into the memory of a webserver. The modified OpenSSH binary was used as a backdoor to the system for the attackers. The customer had pcaps and a hypervisor snapshot of the system at the moment it was co
Publish At:2020-11-11 06:25 | Read:167 | Comments:0 | Tags:Uncategorized

US authorities behind $1 billion Bitcoin transaction of Silk Road funds

The United States announced the seizure of $1 billion worth of Bitcoin stolen by an individual from the Silk Road marketplace. On November 3, The United States this week announced that it has seized $1 billion worth of Bitcoin stolen by an individual from the Silk Road marketplace over half a decade ago. “The United States filed a civil complaint
Publish At:2020-11-06 14:47 | Read:175 | Comments:0 | Tags:Breaking News Cyber Crime Deep Web Digital ID Uncategorized

S3 Ep5: Chrome, Flash and malware for sale [Podcast]

by Paul Ducklin. In this episode: a zero-day bug in Chrome for Android, the imminent death of Adobe Flash, the evolution of “malware-as-a-service”, and the malware risks from image search. Also (oh! no!), why you should take care before you pair. Presenters: Kimberly Truong, Doug Aamoth and Paul Ducklin. Intro and outro music: Edith Mudge.
Publish At:2020-11-05 12:12 | Read:175 | Comments:0 | Tags:Uncategorized Buer chrome Cybercrime Exploit Google malware

A data breach broker is selling account databases of 17 companies

A threat actor is offering for sale account databases containing an aggregate total of 34 million user records stolen from 17 companies. A data breach broker is selling account databases containing a total of 34 million user records stolen from 17 companies. The threat actor has been advertising the stolen data since October 28 on a hacker forum. Sour
Publish At:2020-11-01 07:25 | Read:350 | Comments:0 | Tags:Breaking News Cyber Crime Data Breach Deep Web Hacking Uncat

Is Video Conferencing Still A Security Risk to Your Business?

Is Video Conferencing Still A Security Risk to Your Business? October 22nd, 2020 No Comments antivirus, Data Privacy, Data Protection, Uncategorized This year with COVID, the American worker is working differently – as well as shopping, being enterta
Publish At:2020-10-22 10:41 | Read:256 | Comments:0 | Tags:antivirus Data Privacy Data Protection Uncategorized securit

Microsoft October 2020 Patch Tuesday fixes 87 flaws, including 21 RCEs

Microsoft October 2020 Patch Tuesday security updates address 87 vulnerabilities, including 21 remote code execution (RCE) issues. The remote code execution (RCE) flaws fixed by Microsoft affect multiple products, includin
Publish At:2020-10-13 17:29 | Read:238 | Comments:0 | Tags:Uncategorized

Detecting and Mitigating Potential Container Escapes via CVE-2020-14386

On September 14, CVE-2020-14386 was reported as a “high” severity threat. This CVE is a kernel security vulnerability that enables an unprivileged local process to gain root access to the system. CVE-2020-14386 is a result of a bug found in the packet socket facility in the Linux kernel. It allows a bad actor to trigger a memory corruption that can be
Publish At:2020-09-16 20:49 | Read:406 | Comments:0 | Tags:Falco Google Cloud Kubernetes Sysdig Sysdig Secure Uncategor

StreamDivert: Relaying (specific) network connections

Author: Jelle Vergeer The first part of this blog will be the story of how this tool found its way into existence, the problems we faced and the thought process followed. The second part will be a more technical deep dive into the tool itself, how to use it, and how it works. Storytime About 1½ half years ago I did an awesome Red Team like project.
Publish At:2020-09-10 15:25 | Read:311 | Comments:0 | Tags:audits Blog pentest Uncategorized

Fake web alerts – how to spot and stop them

by Sean Gallagher. Internet scammers are always looking for a better way to separate unwitting device users from their money. And as with all other endeavors, they’ve learned that it pays to advertise. At SophosLabs we recently researched a collection of scams that exploit web advertising networks to pop up fake system alerts on both computers and mobile devices
Publish At:2020-09-09 10:19 | Read:281 | Comments:0 | Tags:Uncategorized Scam scam ads web scam

New KryptoCibule Windows Trojan spreads via malicious torrents

Experts warn of the KryptoCibule Windows malware that has been active since late 2018 and has targeted users in the Czech Republic and Slovakia. Security researchers from ESET have shared technical details of a new piece of Windows malware tracked as KryptoCibule. The malware has been active since at least December 2018; it targets cryptocurrency user
Publish At:2020-09-02 09:35 | Read:362 | Comments:0 | Tags:Uncategorized cry KryptoCibule malware

Machine learning from idea to reality: a PowerShell case study

Detecting both ‘offensive’ and obfuscated PowerShell scripts in Splunk using Windows Event Log 4104 Author: Joost Jansen This blog provides a ‘look behind the scenes’ at the RIFT Data Science team and describes the process of moving from the need or an idea for research towards models that can be used in practice. More specifically, how known a
Publish At:2020-09-02 08:07 | Read:440 | Comments:0 | Tags:Uncategorized
