HackDig : Dig high-quality web security articles for hacker

September Patch Tuesday, patch your Windows now to avoid ugly surprises

Microsoft has just released the September Patch Tuesday, a huge batch of security updates to address 81 vulnerabilities, including the BlueBorne issue. Microsoft has just released the September Patch Tuesday, a huge batch of security updates to address 81 vulnerabilities in almost all supported versions of Windows and other MS products. The batch includes secu
Publish At:2017-09-14 03:50 | Read:289 | Comments:0 | Tags:Breaking News Security Blueborn attack Hacking RCE September

Interesting List of Windows Processes Killed by Malicious Software

Just a quick blog post about an interesting sample that I found today. Usually, modern pieces of malware implement anti-debugging and anti-VM techniques. They perform some checks against the target and when a positive result is found, they silently exit… Such checks might be testing the screen resolution, the activity of a connected user, the presence
Publish At:2017-09-07 05:50 | Read:229 | Comments:0 | Tags:Malware Security Process windows

ZPI: One approach to rule them all

Introduction In 1975, a book was published that changed the way we approach complex problems. Inspired by how nature works, “Adaptation in Natural and Artificial Systems” set the bases of genetic algorithms. The release date of this blogpost is strongly linked to that book; it is a symbolic tribute to its author, John Henry Holland, who passed out
Publish At:2017-08-10 08:55 | Read:375 | Comments:0 | Tags:Android iOS Mobile security Mobile Threat Defense Windows Ze

Microsoft won’t patch the 20-year-old SMBv1 SMBloris flaw disclosed at DEF CON conference

Microsoft has announced that the SMBv1 SMBloris bug described at DEF CON won’t be patched because it could be fixed simply by blocking incoming connections. Recently, security researchers at RiskSense identified a 20-year-old Windows SMB vulnerability they called SMBloris (a nod to the Slowloris DoS attack); they presented their findings at the recen
Publish At:2017-07-31 06:15 | Read:373 | Comments:0 | Tags:Breaking News Hacking DEF CON 25 ETERNALBLUE SMB SMBLoris Wi

DEF CON Talk Will Expose The Latest SMB Vulnerability SMBLoris

Security researchers at RiskSense have identified a 20-year-old Windows SMB vulnerability they are calling SMBloris; a DEF CON talk will expose it. Server Message Block (SMB) has been a foundational piece of Microsoft Windows’ networking all the way back to the LAN Manager days, facilitating “shared access to files, printers and serial ports.R
Publish At:2017-07-28 04:36 | Read:562 | Comments:0 | Tags:Breaking News Hacking def con ETERNALBLUE SMB Windows Vulner

CowerSnail, from the creators of SambaCry

We recently reported about SambaCry, a new family of Linux Trojans exploiting a vulnerability in the Samba protocol. A week later, Kaspersky Lab analysts managed to detect a malicious program for Windows that was apparently created by the same group responsible for SambaCry. It was the common C&C server that both programs used – cl.ezreal.space:20480 – t
Publish At:2017-07-25 11:30 | Read:223 | Comments:0 | Tags:Research Backdoor malware description Windows

A Russian man involved in the development and maintenance of Citadel was sentenced to five years in prison

The Russian hacker Mark Vartanyan was sentenced to five years in prison for his involvement in the development and maintenance of the Citadel botnets. It’s a terrific moment for cyber criminals; law enforcement worldwide continues its fight against illegal activities online, and the recent shutdown of the AlphaBay and Hansa black markets demonstrates it.
Publish At:2017-07-23 05:40 | Read:317 | Comments:0 | Tags:Breaking News Cyber Crime Malware banking trojan Citadel Cyb

Zero Packet Inspection

Introduction In this blogpost I describe the history of z9, our detection engine. I will show its performance over reference data sets commonly used in the machine learning community. I’ll then describe how we apply it to detect network attacks without any type of packet inspection. Eventually, we encourage you to participate by helping us gather and
Publish At:2017-07-11 22:35 | Read:416 | Comments:0 | Tags:0-Packet Android iOS Machine Learning Mobile Malware Mobile

The Promise of a Unified App Catalog for the Enterprise

Applications can improve the way we get through the day. There are apps for shopping, getting to your next destination, staying abreast of the latest news, keeping in touch with loved ones — no matter what you need, chances are there’s an app for it. It’s no different for enterprises. Apps have helped revolutionize entire industries and have beco
Publish At:2017-07-11 15:55 | Read:451 | Comments:0 | Tags:Application Security Endpoint Mobile Security Apple Applicat

Going Through a Rough Patch in Your Security Program? Consistent Software Patching Can Solve Security Woes

Security is an imperfect art. It’s also an imperfect science. Whether it involves experimenting with certain tweaks or implementing proven standards and prescriptive advice, figuring out how to manage a security program is as complex as navigating any other business function. According to the Pareto Principle, security professionals should focus on the
Publish At:2017-07-03 23:50 | Read:282 | Comments:0 | Tags:Endpoint Network Risk Management Adobe Patch Patch Managemen

Don’t Wait for the Next WannaCry — Update Your SMB Protocol Before It’s Too Late

Much has been written about WannaCry, and the security community has learned countless valuable lessons from the unprecedented ransomware attack. One thing that is seldom mentioned, however, is how to protect your infrastructure against future Server Message Block (SMB) exploits. Removing the Insecure SMB Protocol Microsoft has three different versions of
Publish At:2017-06-09 10:30 | Read:733 | Comments:0 | Tags:Network Exploit Infrastructure Protection Microsoft Network

FileSystem NTFS Bug Crashes Windows 7 and Windows 8.1

A filesystem NTFS bug could be exploited to crash Windows 7 and Windows 8.1; using the Chrome browser, you can avoid problems. Until Microsoft patches this problem, use Chrome: a slip in file-path handling allows an attacker to crash Windows 7 and Windows 8.1 with a file call. A bug in the way Microsoft handles file paths could be exploited by attackers to crash Wi
Publish At:2017-05-29 10:45 | Read:483 | Comments:0 | Tags:Breaking News Hacking NTFS Bug Windows

As Vendors Talk WannaCry, We Want You to Know What You Can Expect from Bromium

As WannaCry went nuts last week and everyone moved quickly to support one another, we all moved on our best intelligence at the time. Because most ransomware is typically delivered via email, website or file, we worked with our customers to make sure their endpoints were protected. One week later, I wanted to take a moment to be absolutely transparent about
Publish At:2017-05-20 10:20 | Read:674 | Comments:0 | Tags:Company News breach crypto-malware detection enterprise Isol

Are you ready for the next ransomware attack?

Top 5 Tips to Avoid Ransomware Attack #NoWeDontWannaCry On Saturday, cybercriminals managed to infect businesses from more than one hundred and fifty countries with malicious software. The ransomware was spreading through a fault in the Windows OS. Microsoft immediately issued emergency patches for Windows XP, Windows 8, and Windows Server 2003 and encourage
Publish At:2017-05-16 19:15 | Read:530 | Comments:0 | Tags:Malware Mobile News cybersecurity Ransomware urgent Windows

WannaCry Ransomware Racing Around the World, Wreaking Havoc

This is a special rapid response blog to breaking news about the WannaCry ransomware attack that is now being seen in more than 100 countries. We’ll be updating our blog with additional news as we learn more.  “No x-rays/bloods/bleeps/phones/notes. This is unprecedented. It will be a miracle if no-one comes to harm.” This dramatic tweet from an Nationa
Publish At:2017-05-13 12:35 | Read:569 | Comments:0 | Tags:Breaking News Threats breach breaking news endpoint microsof
