HackDig : Dig high-quality web security articles for hackers

Virtualization-Based Security…Bromium 4.0 Takes Isolation Mainstream

We’ve been working hard to get ready for the long anticipated launch of Bromium Secure Platform 4.0. Many of our customers, 35 to be exact, have already had the opportunity to test the release candidates and give feedback. Register now for the upcoming webinar on April 27 to learn more about what’s in the new release of Bromium Secure Platform. Virtualizat
Publish At:2017-04-16 13:05 | Read:3921 | Comments:0 | Tags:Company News 4.0 attacks blacklisting blocking Bromium Secur

The DBIR’s ‘Forest’ of Exploit Signatures

If you follow the recommendations in the 2016 Verizon Data Breach Investigations Report (DBIR), you will expose your organization to more risk, not less. The report’s most glaring flaw is the assertion that the TLS FREAK vulnerability is among the ‘Top 10’ most exploited on the Internet. No experienced security practitioner believes that FREAK is widely expl
Publish At:2016-05-06 02:30 | Read:6309 | Comments:0 | Tags:Attacks Exploits Vulnerabilities exploit

SHA1 algorithm securing e-commerce and software could break by year’s end

SHA1, one of the Internet's most crucial cryptographic algorithms, is so weak to a newly refined attack that it may be broken by real-world hackers in the next three months, an international team of researchers warned Thursday.SHA1 has long been considered theoretically broken, and all major browsers had already planned to stop accepting SHA1-based signature
Publish At:2015-10-08 05:15 | Read:4248 | Comments:0 | Tags:Risk Assessment Technology Lab attacks collisions cryptanaly

BitTorrent patched against flaw that allowed crippling DoS attacks

The maintainers of the open BitTorrent protocol for file sharing have fixed a vulnerability that allowed lone attackers with only modest resources to take down large sites using a new form of denial-of-service attack.Further ReadingHow BitTorrent could let lone DDoS attackers bring down big sitesuTorrent, Mainline, and Vuze most susceptible to DoS abuse,
Publish At:2015-08-27 23:05 | Read:4550 | Comments:0 | Tags:Risk Assessment Technology Lab attacks BItTorrent distribute

How to Harden Your Google Apps

Never let a good incident go to waste. Today, we’re using the OPM incident as an excuse to share with you our top recommendations for shoring up the security of your Google Apps for Work account. More than 5 million companies rely on Google Apps to run their critical business functions, like email, document storage, calendaring, and chat. As a resu
Publish At:2015-07-07 17:35 | Read:5683 | Comments:0 | Tags:Attacks Education Meta

Meterpreter Survey 2015: You spoke, we listened, then wrote a bunch of code.

The Survey One month ago we asked the community for feedback about how they use Metasploit and what they want to see in the Meterpreter payload suite going forward. Over the course of a week we received over 400 responses and over 200 write-in suggestions for new features. We have spent the last month parsing through your responses, identifying dependen
Publish At:2015-03-26 18:00 | Read:5150 | Comments:0 | Tags:metasploit payloads meterpreter attacks ssl verification sur

Healing the Wounds Caused by Health Care Fraud and Health Insurance Fraud

Health care fraud and health insurance fraud are growing problems. According to the latest report from the Ponemon Institute on patient data privacy and security, 90 percent of health care organizations have had at least one breach in the past two years. The report estimates the average economic impact of breaches for such organizations over the past two yea
Publish At:2015-02-26 18:25 | Read:3206 | Comments:0 | Tags:Health Care attacks Compliance Cybersecurity Health Care Fra

Security In The Year 2020

 We now appreciate the revelation that went public in February 2015 that international hackers circumvented what was supposed to be robust systems and defences, and managed to get away with an estimated $1 billion from a spectrum of around 100 banks located in 30 countries in what has been described as systemic cybercrime.With orchestration, the situati
Publish At:2015-02-20 04:10 | Read:3876 | Comments:0 | Tags:Featured Articles Security Awareness attacks banks Informati

Cybercriminals Use Citadel to Compromise Password Management and Authentication Solutions

New Configuration of Citadel Trojan Discovered by IBM Trusteer Researchers In these days of endless breaches, securing user access by enforcing unique, complex passwords and strong authentication is imperative. The onslaught of data breaches in the past year alone, with the majority of the breaches involving compromised credentials, forced users to constantl
Publish At:2014-11-20 03:50 | Read:4950 | Comments:0 | Tags:Banking & Financial Services Energy and Utility Malware Adva

How a CISO Can Use Home Field Advantage to Defeat Attackers

Summer is over and as fall starts to settle in, football season starts again. It was while reviewing my son’s upcoming schedule that he pointed out that some of the earlier games in the season are against teams with more skilled players. However, he quickly pointed out that those games are at home and that this would be a big advantage to him and his t
Publish At:2014-09-24 22:50 | Read:3309 | Comments:0 | Tags:CISO Advanced Attacks Advanced Persistent Threat (APT) attac

Do’s and Don’ts: Security Management in a Growing Company

Security management can be a tedious job. Whether you are the chief information officer (CIO), chief technology officer (CTO) or even the chief executive officer (CEO), it can be hard to deal with possible risks and apply appropriate controls. For companies that maintain their relative size in terms of revenue, number of employees and target markets, this ta
Publish At:2014-09-04 06:30 | Read:3909 | Comments:0 | Tags:Risk Management attacks Chief Information Officer (CIO) Chie

The Role of Human Error in Successful Security Attacks

All humans make mistakes. One of the most intriguing findings from IBM’s “2014 Cyber Security Intelligence Index” is that 95 percent of all security incidents involve human error. Many of these are successful security attacks from external attackers who prey on human weakness in order to lure insiders within organizations to unwittingly pro
Publish At:2014-09-03 09:40 | Read:5145 | Comments:0 | Tags:CISO Risk Management attacks Cyber Security human error IBM

Russian Email Data Breach: Top Ways the Data Could Be Used

On Aug. 4, Hold Security announced that a Russian organized crime ring committed a data breach, snatching over 1.2 billion username and password combinations and 500 million email addresses from multiple sources. The email accounts alone account for almost one-third of the world’s email population, making this the largest known hack to ever be reported
Publish At:2014-08-30 02:20 | Read:3624 | Comments:0 | Tags:Banking & Financial Services Threat Intelligence attacks cre

Why Heartbleed Still Matters: Hindsight in the Age of Pervasive Exploits

Today, we released the third edition of the 2014 IBM X-Force Threat Intelligence Quarterly. One of its key features was a look back over the past four months as we analyzed data and trends in the wake of Heartbleed (CVE-2014-0160), one of the most widespread and impactful security vulnerabilities of all time. From attack trends to vulnerability scoring, this
Publish At:2014-08-25 18:30 | Read:6746 | Comments:0 | Tags:IBM X-Force attacks CVSS Heartbleed Heartbleed OpenSSL vulne

Researchers find it’s terrifyingly easy to hack traffic lights

Taking over a city’s intersections and making all the lights green to cause chaos is a pretty bog-standard Evil Techno Bad Guy tactic on TV and in movies, but according to a research team at the University of Michigan, doing it in real life is within the realm of anyone with a laptop and the right kind of radio. In a paper published this month, the researc
Publish At:2014-08-21 06:00 | Read:4316 | Comments:0 | Tags:Ministry of Innovation Risk Assessment attacks compromise Cy


Tag Cloud