HackDig : Dig high-quality web security articles

Millions put at risk by old, out of date routers

Since the first stay-at-home measures were imposed by governments to keep everyone safe from the worsening COVID-19 pandemic, we at Malwarebytes have been making sure that you, dear reader, are as cyber-secure as possible in your home network, while you try to work and while your children attend online classes. There has been much discussion of antivirus
Publish At:2021-05-07 16:24 | Read:131 | Comments:0 | Tags:Awareness internet service provider ISP Kate Bevan router ro

11-13 year old girls most likely to be targeted by online predators

The Internet Watch Foundation (IWF), a not-for-profit organization in England whose mission is “to eliminate child sexual abuse imagery online”, has recently released its analysis of online predator victimology and the nature of sexual abuse media that is currently prevalent online. The scope of the report covered the whole of 2020. IWF annual
Publish At:2021-04-26 10:09 | Read:145 | Comments:0 | Tags:Awareness annual report child sexual assault material Childl

What in the World Is a CISO?

Whilst employment has taken a downward curve over the last year or so, there are a variety of approaches I use when applying for a role to help my CV stand out. One key point is knowing what the job entails before submitting my cover letter and CV. This allows me to tailor my message effectively. Additionally, it enables me to find positions that I might not
Publish At:2021-04-21 02:02 | Read:275 | Comments:0 | Tags:Featured Articles awareness CISO

CodeCov supply-chain compromise likened to SolarWinds attack

CodeCov, a company that creates software auditing tools for developers, was recently breached (the company says it was breached on April 1, and reported it on the April 15). According to investigators, this incident, in turn, gave attackers access to an unknown number of CodeCov’s clients’ networks. One cannot help but think that this knock-on breac
Publish At:2021-04-20 17:04 | Read:275 | Comments:0 | Tags:Awareness Basher Uploader CodeCov FireEye Read Team tools so

Shady scam bots trick Omegle users into nonconsensual video sex recordings

14-year old Michael (not his real name) from Scandinavia first visited Omegle, the video online chat that has become hugely popular since the start of the pandemic, after hearing about “unpredictable and weird encounters” one may experience on the site from other students in school. He was intrigued. At the end of his “session”, ho
Publish At:2021-04-16 15:09 | Read:322 | Comments:0 | Tags:Awareness omegle sex-baiting bot VCW video cam whores

Ransomware disrupts food supply chain, Exchange exploitation suspected

When malware found its way into the network of Bakker Logistiek, a company specializing in the transport and warehousing of food and other products, on the night of 4 to 5 April, its IT systems ground to a halt. And, along with them, the reception of orders from clients, and the delivery of goods to branches of Albert Heijn, the largest supermarket chain in
Publish At:2021-04-14 08:19 | Read:196 | Comments:0 | Tags:Awareness Ransomware Albert Heijn Bakker Logistiek Black Kin

When contractors attack: two years jail for vengeful IT admin

An IT contractor working for an IT consultancy company took it upon himself to perform an act of revenge against the firm he worked at, after they complained about his performance. The charge he faced was breaking into the network of a company in Carlsbad, California. And it got him two years in prison. What happened? Deepanshu Kher was helping a clien
Publish At:2021-03-23 16:54 | Read:256 | Comments:0 | Tags:Awareness insider threat IT contractor microsoft office 365

FBI warns of increase in PYSA ransomware attacks targeting education

On March 16, the Federal Bureau of Investigation (FBI) issued a “Flash” alert on PYSA ransomware after an uptick on attacks this month against institutions in the education sector, particularly higher ed, K-12, and seminaries. According to the alert [PDF], the United Kingdom and 12 states in the US have already affected by this ransomware family.
Publish At:2021-03-17 08:48 | Read:292 | Comments:0 | Tags:Awareness Ransomware CERT France fbi FBI PSA Maze Mega.nz Me

5 common VPN myths busted

Virtual Private Networks (VPNs) are popular but often misunderstood. There are many misconceptions about them—misconceptions that may be stopping people from adding a useful layer to their security and privacy defenses. So, let’s do some myth busting. 1. VPNs are for illegal activity Some people think that VPNs are only useful for doing things
Publish At:2021-03-11 12:24 | Read:322 | Comments:0 | Tags:Awareness carrier geo-locked ISP myth netflix vpn

International Women’s Day: Women in tech name their heroes

Happy Monday! And if you haven’t yet checked the significance of this day—March 8—before grabbing coffee, today is International Women’s Day (IWD). Since March 19, 1911, the year the very first IWD was observed in several European countries, millions of people have been calling for women to be given more rights, which includes the right to work, vote, and
Publish At:2021-03-08 10:18 | Read:350 | Comments:0 | Tags:Awareness International women’s day IWD 2021 Zero's (s)

Omegle investigation raises new concerns for kids’ safety

Social media site Omegle is under fire after an investigation found boys using the platform to expose themselves on camera, and adults exposing themselves to minors. Omegle users are paired with a random stranger who they can socialize with via text or video chat. An investigation by the British Broadcasting Corporation (BBC) found boys and adults exposin
Publish At:2021-02-20 12:06 | Read:468 | Comments:0 | Tags:Awareness BBC child pornography Chris Hughes covid-19 Intern

North Korean hackers charged with $1.3 billion of cyberheists

The US Department of Justice recently unsealed indictments detailing North Korea’s involvement in several global cyberattack campaigns against institutions in the financial and entertainment sectors, and money laundering schemes in certain US states. The first unsealed indictment is for hacking activities done by three computer programmers from Nort
Publish At:2021-02-19 16:36 | Read:457 | Comments:0 | Tags:Awareness Advanced Persistent Threat 38 advanced persistent

Yandex sysadmin caught selling access to email accounts

Yandex, a European multinational technology firm best known for being the most-used search engine in Russia, has revealed it had a security breach, leading to the compromise of almost 5,000 Yandex email accounts. The company says it spotted the breach after a routine check by its security team. They found that one of their system administrators with acces
Publish At:2021-02-17 13:54 | Read:365 | Comments:0 | Tags:Awareness accidental insider breach cybersecurity awareness

Clubhouse under scrutiny for sending data to Chinese servers

The audio-chat app Clubhouse is the latest rage in the social media landscape. What makes it so popular and, now it’s part of the social media landscape, can we trust it? The Clubhouse app Clubhouse was launched about a year ago and was initially only used by Silicon Valley’s rich and famous. It is different from other social media in that it foc
Publish At:2021-02-17 13:54 | Read:453 | Comments:0 | Tags:Awareness agora alex stamos china chinese servers clubhouse

Android emulator abused to introduce malware onto PCs

Emulators have played a part in many tech-savvy users’ lives. They introduce a level of flexibility that not only allows another system to run on top of a user’s operating system—a Windows OS running on a MacBook laptop, for example—but also allows video gamers to play games designed to work on a different platform than the one they own. Recently, ESET re
Publish At:2021-02-05 17:12 | Read:449 | Comments:0 | Tags:Awareness massive multiplayer online MMO Operating NightScou