HackDig : Dig high-quality web security articles for hacker

HTTP… For the Good or the Bad

Tonight, I was invited by the OWASP Belgium Chapter (thank you again!) to present “something“. When I accepted the invitation, I did not really have an idea so I decided to compile the findings around my research about webshells. They are common tools used by bad guys: Once they compromized a server, they often install a webshell which is a kind
Publish At:2017-05-29 18:45 | Read:1702 | Comments:0 | Tags:Event Security Websites OWASP Webshell

Hackers actively exploit critical vulnerability in sites running Joomla

Attackers are actively exploiting a critical remote command-execution vulnerability that has plagued the Joomla content management system for almost eight years, security researchers said.A patch for the vulnerability, which affects versions 1.5 through 3.4.5, was released Monday morning. It was too late: the bug was already being exploited in the wild, rese
Publish At:2015-12-15 03:40 | Read:2016 | Comments:0 | Tags:Risk Assessment Technology Lab Uncategorized content managem

Expanding your CMS at your own risk!

CMS or “Content Management Systems” became vey common for a few years. Popular CMS are WordPress, Drupal or Joomla. You can rent some space at a hosting provider for a few bucks or even find free hosting platforms. You can deploy them in a few minutes on your own server. Then, you just have to focus on the content: No need to learn CSS/HTML! For
Publish At:2015-03-13 15:05 | Read:1851 | Comments:0 | Tags:Security Software Websites CMS Drupal Plugins wordpress

Possible ISIS Supporters Hack American Websites Over Weekend

The FBI is investigating the hacks of a number of American-based websites that appear to have been perpetrated by supporters of the militant Islamic group ISIS.Montauk Manor, a historic resort hotel based in Montauk, NY, was one of the victims of the weekend attacks.On Saturday, visitors to the hotel’s website were greeted with an image of the black ISIS log
Publish At:2015-03-09 23:40 | Read:2202 | Comments:0 | Tags:Latest Security News Hacked ISIS security Websites

Restricting Access to Flash Files with Squid

Is “swf” the new “wtf“? What’s happening with the Flash player? The Adobe’s multimedia platform has been targeted by multiple 0-days since the beginning of 2015! Just have a look on cvedetails.com. Two days ago, security researchers at TrendMicro found another one. It is identified as CVE-2015-0313. Bored by the multiple p
Publish At:2015-02-04 18:55 | Read:2009 | Comments:0 | Tags:Security Websites 0-day Flash Proxy Software Squid

‘SoakSoak’ Malware Compromises More Than 100,000 WordPress Websites

A particular type of malware has infected more than 100,000 WordPress specific websites, according to a security firm.Tony Perez, CEO and Co-Founder of Sucuri, a web protection and malware removal company, notes in a blog post that the malware first came to his attention when Google blacklisted more than 11,000 domains infected with the malware.The malware w
Publish At:2014-12-15 10:55 | Read:2168 | Comments:0 | Tags:Latest Security News malware Websites WordPress

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud