HackDig : Dig high-quality web security articles for hacker

3 Ways to Secure Yourself From Common Web Attacks

3 Ways to Secure Yourself From Common Web Attacks March 31st, 2020 No Comments anti-phishing, Data Privacy, Data Protection, Online Privacy, Online Safety, PC security, Uncategorized With the increase in largely-publicized security breaches to corpo
Publish At:2020-03-31 07:15 | Read:199 | Comments:0 | Tags:anti-phishing Data Privacy Data Protection Online Privacy On

Top 10 Brand Phishing Companies

Top 10 Brand Phishing Companies March 23rd, 2020 No Comments anti-phishing, Data Protection, Online Safety, Uncategorized By 2020, you’ve probably already experienced getting an email from a well-known company, such as Apple or Facebook, letting you
Publish At:2020-03-23 13:22 | Read:231 | Comments:0 | Tags:anti-phishing Data Protection Online Safety Uncategorized br

Location-tracking wristbands required on all incoming travelers to Hong Kong

byLisa VaasWelcome to Hong Kong, traveler, and to the mandatory, Disney MagicBand-esque tracking wristband we’re about to slap onto your potentially infectious arm.The city-state had already been requiring arrivals from mainland China to self-isolate at home for 14 days. But as the area undergoes a COVID-19 resurgence, mostly brought in by travelers co
Publish At:2020-03-20 07:42 | Read:219 | Comments:0 | Tags:Law & order Privacy Uncategorized COVID-19 electronic wristb

LDAPFragger: Command and Control over LDAP attributes

  Introduction A while back during a penetration test of an internal network, we encountered physically segmented networks. These networks contained workstations joined to the same Active Directory domain, however only one network segment could connect to the internet. To control workstations in both segments remotely with Cobalt Strike, we built a tool
Publish At:2020-03-19 06:53 | Read:183 | Comments:0 | Tags:audits Blog Cobalt Strike pentest Uncategorized

Coronavirus: New Phishing Campaigns Exploit the Global Panic

Coronavirus: New Phishing Campaigns Exploit the Global Panic March 15th, 2020 No Comments anti-phishing, Data Privacy, Data Protection, Online Privacy, Online Safety, PC security, remote work, Uncategorized Unless you’ve been in complete lack of con
Publish At:2020-03-15 08:07 | Read:515 | Comments:0 | Tags:anti-phishing Data Privacy Data Protection Online Privacy On

CVE-2020-0796: SMBv3 “Wormable” Remote Code Execution Vulnerability

On March 10, 2020, during its monthly Patch Tuesday, Microsoft published the advisory ADV200005 for a critical Remote Code Execution (RCE) vulnerability on Server Message Block (SMB) 3.1.1. Microsoft released the advisory after Cisco Talos accidentally published details on the same day. Both Cisco Talos and Fortinet released advisories for the vulnerabilitie
Publish At:2020-03-12 10:55 | Read:319 | Comments:0 | Tags:Uncategorized Vulnerability

GitOps Security with k8s-security-configwatch

the k8s-security-configwatch GitHub Action, an open source tool from Sysdig, secures your GitOps workloads by detecting changes on your Kubernetes security configuration. Imagine this scenario: The Secure DevOps team of the “Kubernetes Swag” store is going crazy investigating a security alarm; their Kubernetes containers keep being comprom
Publish At:2020-03-05 15:44 | Read:306 | Comments:0 | Tags:Uncategorized compliance Github Github Actions GitOps Kubern

Karkoff 2020: a new APT34 espionage operation involves Lebanon Government

Experts from Cybaze/ Yoroi Zlab spotted a new sample of the Karkoff implant that was employed in past campaigns associated with Iran-linked APT34 group.Experts from Cybaze/ Yoroi Zlab spotted a new sample of the Karkoff implant that was employed in past campaigns associated with Iran-linked APT34 group. Introduction In November 2018, researchers from C
Publish At:2020-03-02 15:30 | Read:336 | Comments:0 | Tags:Uncategorized APT34 cyber espionage Hacking it security it s

How to monitor kube-controller-manager

Monitoring kube-controller-manager is important, as it is a main component of Kubernetes control plane. Kube-controller-manager runs in master nodes and it takes care of the different controller processes. These controllers watch the status of the different services deployed through the API and take corrective actions in case real and desired status don’t
Publish At:2020-02-26 14:15 | Read:231 | Comments:0 | Tags:Kubernetes Uncategorized control plane Prometheus

How to troubleshoot Kubernetes OOM and CPU Throttle

Experience Kubernetes OOM kills can be very frustrating. Why is my application struggling if I have plenty of CPU in the node? Managing Kubernetes pod resources can be a challenge. Many issues can arise, possibly due to an incorrect configuration of Kubernetes limits and requests. In this article, we will try to help you detect the most common i
Publish At:2020-01-30 11:50 | Read:405 | Comments:0 | Tags:Kubernetes OpenShift Prometheus Sysdig Monitor Uncategorized

Targeted Active Directory Host Enumeration

Current Problem When working in an unknown network, some of the most important pieces of information to have are appraisals of current assets and information contained on them. This is important for any security professional, from tester to defender. Given the prevalence of Active Directory (AD) in most Windows environments, gaining a clear inventory of t
Publish At:2020-01-23 14:50 | Read:410 | Comments:0 | Tags:Uncategorized

From the Desk of the CEO: Securing the Future – Junior and Internship Programs

When TrustedSec first started, the vision was to build a team of amazing individuals that were passionate, dedicated, and focused on helping organizations fix the issues they face in cybersecurity. While we may have accomplished this, there’s always more to do. At TrustedSec, our mission to contribute to the industry and community has always remained strong.
Publish At:2020-01-16 19:50 | Read:447 | Comments:0 | Tags:Uncategorized

Hunting for beacons

Author: Ruud van Luijk Attacks need to have a form of communication with their victim machines, also known as Command and Control (C2) [1]. This can be in the form of a continuous connection or connect the victim machine directly. However, it’s convenient to have the victim machine connect to you. In other words: It has to communicate back. This blog describ
Publish At:2020-01-15 09:55 | Read:294 | Comments:0 | Tags:Uncategorized

Alarming Number of UC Browser Users Vulnerable to MiTM Attacks

A staggering number of UC Browsers and mini Android apps of the same name may have been vulnerable to Man-in-the-middle or MiTM attacks. This happened when they downloaded an APK, Android Package Kit from an unauthorized or third-party server over insecure channels. Hackers can use MiTM to spy on the devices and change or intercept any communications. This
Publish At:2020-01-12 17:05 | Read:1210 | Comments:0 | Tags:Uncategorized

5 Major Cybersecurity Trends for 2020

5 Major Cybersecurity Trends for 2020 January 8th, 2020 No Comments anti-phishing, Mobile Security, Online Safety, PC security, Ransomware, Uncategorized 2019 is gone and a new decade is in sight. 2020 is said to be a year that will bring on many ch
Publish At:2020-01-08 10:05 | Read:979 | Comments:0 | Tags:anti-phishing Mobile Security Online Safety PC security Rans

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud