HackDig : Dig high-quality web security articles for hacker

#HackerKast 43: Ashley Madison Hacked, Firefox Tracking Services and Cookies, HTML5 Malware Evasion Techniques, Miami Co

Hey Everybody! Welcome to another HackerKast. Let’s get right to it! We had to start off with the big story of the week which was that Ashley Madison got hacked. For those of you fortunate enough to not know what Ashley Madison is, it is a dating website dedicated to members who are in relationships and looking to have affairs. This breach was a twist from m
Publish At:2015-07-28 03:40 | Read:1975 | Comments:0 | Tags:Industry Observations Technical Insight Tools and Applicatio

#HackerKast 42: Hacking Team, LastPass Clickjacking, Cowboy Adventure Game Distributes Malware, Droopescan, WhiteHat Acc

Welcome to the Episode in which we describe the answer to the Ultimate Question of Life, the Universe, and Everything. Maybe we’ll just stick to security but we’ve now done 42 of these things. Kicking off this week with a gigantic combined story about Hacking Team, the story that keeps on giving. We touched on this breach last week but as people
Publish At:2015-07-18 15:50 | Read:3836 | Comments:0 | Tags:Vulnerabilities Web Application Security WhiteHat HackerKast

#HackerKast 41: HackingTeam, Adobe Flash Bug, UK Government’s Possible Encryption Ban

Hello everyone! Welcome to Week 41! Hope everyone enjoyed the holiday last week. Let’s get right to it: First off, we talked about HackingTeam which is an Italian surveillance firm which sells its tools to governments to spy on citizens. We don’t know much about the breach itself in terms of technical details but the fact that this is a security
Publish At:2015-07-10 18:35 | Read:1959 | Comments:0 | Tags:Industry Observations Technical Insight Vulnerabilities Web

#HackerKast 40: OPM Breach, Sourcepoint, AdBlock Plus, NSA and AV software, Adobe Flash, Chrome Listens In via Computer

Hey Everybody! Welcome to our 40th HackerKast! Thanks for listening as always and let’s get to the news! Our first story to chat about this week was news bubbling up still about the recent OPM breach. This time, the news outlets are latching on to the fact that data encryption wouldn’t have helped them in this case. Jeremiah poses the question
Publish At:2015-06-27 04:20 | Read:4859 | Comments:0 | Tags:Industry Observations Technical Insight Tools and Applicatio

#HackerKast 39: MLB Astros Hacked By Cardinals, Duqu 2.0, More Ad Blocking News and RIP Microsoft Ask Toolbar

Hey everybody and welcome to another week in Internet Security. Robert and I were trying our best to stay above water with Tropical Storm Bill hitting Southern Texas while Jeremiah was making us jealous with his palm trees and blue skies in Hawaii. I’ll remember that one Jer… Back on topic, our first story was some shameless self promotion of Je
Publish At:2015-06-23 14:15 | Read:4292 | Comments:0 | Tags:Technical Insight Vulnerabilities Web Application Security W

#HackerKast 38: Pulse tests .gov sites, China hacked US government, DuckDuckGo, NSA Quantum Insert attacks and Google fi

Hey All! Welcome to another HackerKast! I’m back whether you like it or not. Gave a quick rundown of my Europe trip before jumping into the news and we started with one of my favorite stories we’ve covered in a while. This one was about a project called Pulse which grabbed every .gov site it could get its hands on and ran an SSL Labs tester on i
Publish At:2015-06-12 21:45 | Read:3364 | Comments:0 | Tags:Industry Observations Technical Insight Vulnerabilities Web

#HackerKast 37: More router hacking, StegoSploit, XSS Polyglot and Columbia Casualty Insurance refuses to pay Cottage He

One more lonely week without Matt Johansen as Jeremiah and I have braved another HackerKast on our own. Thankfully we were comforted by some very interesting stories. Most of them were technical but one of them was around insurance. First up was about router hacking – one of Jer and my favorite topics. It turns out someone has been automating intranet
Publish At:2015-06-03 17:20 | Read:2542 | Comments:0 | Tags:Technical Insight Vulnerabilities Web Application Security W

#HackerKast 36: Moose Router Worm, Adult Friend Finder male users hacked, Firefox and advertising, WHS Stats Report, and

It was just Jeremiah and me again today, as Matt is shamelessly galavanting around Europe at various security conferences (I think it’s safe to hate him for it, isn’t it?). But we had a ton of interesting stories this week to cover and didn’t have much time to do it. The first up was the Moose Router Worm – similar to the Internet Ce
Publish At:2015-05-29 02:35 | Read:2264 | Comments:0 | Tags:Technical Insight Vulnerabilities Web Application Security W

WhiteHat Website Security Statistics Report: From Detection to Correction

While web security used to be a reactionary afterthought, it has evolved to become a necessity for organizations that wish to conduct online business safely. Companies have switched from playing defense to playing offense in a game that is still difficult to win. In an effort to change the game, WhiteHat Security has been publishing its Website Security Stat
Publish At:2015-05-21 09:10 | Read:2502 | Comments:0 | Tags:Industry Observations Technical Insight Web Application Secu

#Hackerkast 35: Airplane hacking, United bug bounty, and SEA hacks Washington Post

Hey Everyone! It was just Jeremiah Grossman and me today, as Matt Johansen is overseas this week attending various security conferences. So we braved on and did a short one with just three major articles. First we covered Airplane hacking and a bit of drama that has been unfolding in the mainstream press related to hacking an airplane while on one. Jerem
Publish At:2015-05-20 16:20 | Read:3019 | Comments:0 | Tags:Vulnerabilities Web Application Security WhiteHat HackerKast

#HackerKast 34: SOHO Routers hacked, 3d printed ammo, Nazis & child porn, PayPal Remote Code Execution, Dubsmash 2,

Hey Everybody! We’re back from our 1 week break due to crazy schedules and even now we are without Jeremiah. Coconuts don’t make great WiFi antennae or something. Started this episode talking about some Vendors who decided to do some weird, bad stuff this past week. In both stories it seems some security vendors were caught being naughty, start
Publish At:2015-05-16 10:50 | Read:3240 | Comments:0 | Tags:Technical Insight Vulnerabilities Web Application Security W

#HackerKast 33: WordPress Core XSS, Spoof Email Tanks Stock, Tesla Defacement via DNS Hack, 451 Status Code, MS15-034 Mi

Hey All! Thanks for checking out this week’s HackerKast! We’re all back and recovering from RSA and my feet still hurt. Starting off with This Week In WordPress Sucks™, we’ve got a vulnerability in WordPress core this time. This is usually not the case as core has been gone over several times with a fine toothed comb, but some persistent X
Publish At:2015-05-01 04:40 | Read:2289 | Comments:0 | Tags:Technical Insight Vulnerabilities Web Application Security W

#HackerKast 31: RSA San Francisco

We have a special and rare treat this week on HackerKast: Jeremiah, Matt and Robert all together in San Francisco for RSAC. They give a brief overview of some of the interesting conversations and topics they’ve come across. A recurring topic in conversations with Robert is about how DevOps can improve security and help find vulnerabilities faster. Matt men
Publish At:2015-04-24 08:35 | Read:1978 | Comments:0 | Tags:Industry Observations Technical Insight Tools and Applicatio

#HackerKast 30: Verizon Supercookie, Tesla Stock April Fools, Bugs in Tor, YouTube Bounty Hack, ‘Do Not Track

Hey All! We made it to 30 Episodes! Thanks for coming along for the ride, and hope you’re enjoying HackerKast. Now… the news! First we talked about the follow up to a story we spoke about a few weeks back that had to do with Verizon tracking its customers. They were doing this by implementing a sort of “supercookie” which was injecte
Publish At:2015-04-09 12:25 | Read:2446 | Comments:0 | Tags:Vulnerabilities Web Application Security WhiteHat HackerKast

#HackerKast 29 Bonus Round: Formaction Scriptless Attack

Today on HackerKast, Matt and I discussed something called a Formaction Scriptless Attack. Content Security Policy (CSP) has put a big theoretical dent in cross site scripting. I say theoretical because relatively few sites are taking advantage of it yet; but even if it is implemented to prevent JavaScript from loading on the page, that doesn’t neces
Publish At:2015-04-04 04:10 | Read:1939 | Comments:0 | Tags:Technical Insight Vulnerabilities Web Application Security W
