HackDig : Dig high-quality web security articles for hacker

REDBALDKNIGHT/BRONZE BUTLER’s Daserf Backdoor Now Using Steganography

by Joey Chen and MingYen Hsieh (Threat Analysts). REDBALDKNIGHT, also known as BRONZE BUTLER and Tick, is a cyberespionage group known to target Japanese organizations such as government agencies (including defense) as well as those in biotechnology, electronics manufacturing, and industrial chemistry. Their campaigns employ the Daserf backdoor (detected by T
Publish At:2017-11-07 11:35 | Read:1248 | Comments:0 | Tags:Malware Targeted Attacks Vulnerabilities BRONZE BUTLER Daser

Injection Attacks: The Least Glamorous Attack Is One of the Most Threatening

Very little in life grabs our attention like a shiny new object. The gleam can be irresistible, the glitter mesmerizing. That’s how it is in cybersecurity, where the landscape is almost always dotted with alluringly novel hazards. Brand new threats, fresh twists on old threats — the shiny malicious objects just keep on coming, year in and year out. 201
Publish At:2017-11-02 13:10 | Read:180 | Comments:0 | Tags:Threat Intelligence IBM Managed Security Services (MSS) IBM

Threat Intelligence: A Tear-Free Solution to Help SOC Analysts Prepare for the Next WannaCry

It’s been nearly six months since the WannaCry ransomware stole global headlines and thousands of security practitioners flocked to threat intelligence feeds to help streamline their investigations. While the security community has learned many valuable lessons from the attack, it’s impossible to say that a strike of this magnitude won’t ha
Publish At:2017-10-26 01:10 | Read:247 | Comments:0 | Tags:Malware Security Intelligence & Analytics Threat Intelligenc

Don’t Just Put Out the Zero-Day Fire — Get Rid of the Fuel

How often have you heard a co-worker say that he or she had to put out a fire? Depending on your job role, you may have anywhere from one to more than a dozen so-called fires weekly. A zero-day vulnerability is an example of a work-related fire that a security operations analyst might have to extinguish. Enterprises should be prepared to handle zero-day fir
Publish At:2017-10-22 05:00 | Read:218 | Comments:0 | Tags:Advanced Threats Endpoint Risk Management Software & App Vul

Dnsmasq: A Reality Check and Remediation Practices

Dnsmasq is the de-facto tool for meeting the DNS/DHCP requirements of small servers and embedded devices. Recently, Google Security researchers identified seven vulnerabilities that can allow a remote attacker to execute code on, leak information from, or crash a device running a Dnsmasq version earlier than 2.78, if configured with certain options. Based on
Publish At:2017-10-21 18:05 | Read:151 | Comments:0 | Tags:Internet of Things Vulnerabilities Dnsmasq routers

ZNIU: First Android Malware to Exploit Dirty COW Vulnerability

By Jason Gu, Veo Zhang, and Seven Shen. We have disclosed this security issue to Google, who verified that they have protections in place against ZNIU courtesy of Google Play Protect. The Linux vulnerability called Dirty COW (CVE-2016-5195) was first disclosed to the public in 2016. The vulnerability was discovered in upstream Linux platforms such as Redhat,
Publish At:2017-09-25 23:15 | Read:273 | Comments:0 | Tags:Bad Sites Malware Mobile Vulnerabilities android Dirty COW L

Worried About Apache Struts? Stay One Step Ahead of Endpoint Attacks

Endpoint attacks can come from any direction and many sources. Just consider the reported vulnerabilities found in Apache Struts and the damage caused by WannaCry and Petya. Companies need to stay one step ahead of endpoint attacks, but they struggle due to a lack of visibility of endpoint status, the complexity of investigations and ineffective remediation.
Publish At:2017-09-25 15:30 | Read:269 | Comments:0 | Tags:Endpoint Incident Response Apache Endpoint Management Endpoi

OptionsBleed – The Apache HTTP Server Now Bleeds

A new vulnerability in the Apache HTTP server was found recently. Designated as CVE-2017-9798, this vulnerability lies in how Apache handles certain settings in its configuration files, resulting in memory leaks. This vulnerability is named OptionsBleed, based on its similarities with the Heartbleed vulnerability. Patches to Apache are now available. What is
Publish At:2017-09-22 21:10 | Read:500 | Comments:0 | Tags:Vulnerabilities apache OptionsBleed

a-PATCH-e: Struts Vulnerabilities Run Rampant

by Steve Povolny. Equifax confirmed the attack vector used in its data breach to be CVE-2017-5638, a vulnerability patched last March 2017 via S2-045. The vulnerability was exploited to gain unauthorized access to highly sensitive data of approximately 143 million U.S. and 400,000 U.K. customers, as well as 100,000 Canadian consumers. This vulnerability was f
Publish At:2017-09-22 02:45 | Read:341 | Comments:0 | Tags:Exploits Vulnerabilities Apache Struts CVE-2017-5638 CVE-201

The Myth of Mutual Exclusivity: Making the DevOps Process More Agile Without Compromising Security

The marketplace is demanding agility, but many enterprises perceive the need for agility as an ongoing security risk. If applications are constantly evolving, they assume, the process will constantly open up new avenues for attackers to exploit. This worry has given rise to a widespread misconception that security or agility is a binary choice. But a growing
Publish At:2017-09-21 19:15 | Read:289 | Comments:0 | Tags:Application Security CISO Agile DevOps SecDevOps Security Pr

Don’t Sweep Web Application Penetration Testing Under the Rug

Web application penetration testing is one of the most critical components of your information security program. The exploitation of a web-related vulnerability could result in a massive breach, so web security must be front and center in any organization. However, I often see people sweep web security under the rug and fail to follow through on their find
Publish At:2017-09-21 00:50 | Read:306 | Comments:0 | Tags:Application Security Risk Management Application Security Te

Advisory: BlueBorne Reportedly Affects Billions of Bluetooth-Enabled Devices

by Vít Šembera (Cyber Threat Researcher). BlueBorne is a set of vulnerabilities affecting the implementation of Bluetooth in iOS, Android, Linux, Windows and Mac OS* devices. According to the researchers who uncovered them, BlueBorne affects around 5.3 billion Bluetooth-enabled devices. The immediate mitigation for BlueBorne is to patch the device, if there’s
Publish At:2017-09-15 23:05 | Read:466 | Comments:0 | Tags:Exploits Internet of Things Vulnerabilities BlueBorne Blueto

Downward Trend in Publicly Available Exploit Code? Don’t Ease Up on Patch Management Just Yet

The IBM X-Force Vulnerability Database (XFDB), which holds over 100,000 publicly disclosed vulnerabilities, is chock-full of insights concerning the cybersecurity threat landscape. Much of the data is publicly available directly on the IBM X-Force Exchange platform and can be accessed by users anytime. In reviewing the database on an ongoing basis, the IBM
Publish At:2017-09-14 21:10 | Read:371 | Comments:0 | Tags:Advanced Threats Endpoint Threat Intelligence X-Force Resear

Hangul Word Processor and PostScript Abused Via Malicious Attachments

The Hangul Word Processor (HWP) is a word processing application which is fairly popular in South Korea. It possesses the ability to run PostScript code, which is a language originally used for printing and desktop publishing, although it is a fully capable language. Unfortunately, this ability is now being exploited in attacks involving malicious attachment
Publish At:2017-09-14 10:15 | Read:330 | Comments:0 | Tags:Malware Vulnerabilities Encapsulated PostScript Hangul Word

Microsoft Office Zero-Day Vulnerability Addressed in September Patch Tuesday

Microsoft has released their monthly security bulletin—colloquially known as Patch Tuesday—for September. The most important update is one that addresses a zero-day vulnerability that exploits Microsoft Word. CVE-2017-8759 is a .NET Framework Remote Code Execution Vulnerability that allows attackers to execute code on the target system remotely when exploite
Publish At:2017-09-13 15:50 | Read:462 | Comments:0 | Tags:Vulnerabilities September Patch Tuesday Vulnerability
