HackDig : Dig high-quality web security articles for hackers

Yandex sysadmin caught selling access to email accounts

Yandex, a European multinational technology firm best known for being the most-used search engine in Russia, has revealed it had a security breach, leading to the compromise of almost 5,000 Yandex email accounts. The company says it spotted the breach after a routine check by its security team. They found that one of their system administrators with acces
Publish At:2021-02-17 13:54 | Read:147 | Comments:0 | Tags:Awareness accidental insider breach cybersecurity awareness

CISOs and CIOs: Protecting Traditional Endpoints Isn’t Enough

As government cyber teams feverishly perform damage control from the SolarWinds hack, one major question for CISOs and CIOs cannot be ignored: “Protecting traditional endpoints isn’t enough; how am I going to assess and protect my mobile devices?”   Threat visibility comes from sensors, and if your mobile devices don’t utilize a mobile threat defense (MTD)
Publish At:2020-12-16 14:51 | Read:282 | Comments:0 | Tags:Mobile Threat Defense advanced mobile threat defense breach

Malwarebytes detects leaked tools from FireEye breach

Hello folks! If you have not heard yet, the security firm FireEye has had a breach of many red team assessment tools used for identification of vulnerabilities to help protect customers. While it is not known exactly who was behind this attack, a big concern is the sharing and use of these stolen red team tools by both sophisticated and non-sophisticated
Publish At:2020-12-10 20:12 | Read:274 | Comments:0 | Tags:Malwarebytes news breach detection FireEye red team rules

Mercy Health Fired Employee Responsible for Insider Breach

Mercy Health revealed that it had fired an employee who was responsible for an insider breach involving its systems.On December 4, Mercy Health posted a notice informing its patients of a medical records incident that had occurred earlier in the year.The bulletin explained that Mercy Health, the fifth largest Catholic health care system in the United States,
Publish At:2020-12-08 10:50 | Read:218 | Comments:0 | Tags:IT Security and Data Protection Latest Security News breach

Cryptocurrency exchange Eterbase hacked, $5.4 million worth of funds stolen

European cryptocurrency exchange platform Eterbase has announced that it has suffered a security breach which saw malicious hackers access its network and steal funds worth US $5.4 million.In a message posted on Telegram, the Slovakian cryptocurrency exchange listed the six hot wallets plundered by cybercriminals for their Ether, Tezos, Bitcoin, ALGO, Ripple
Publish At:2020-09-10 08:43 | Read:535 | Comments:0 | Tags:Featured Articles IT Security and Data Protection breach cry

Twitter apologizes for leaking businesses’ financial data

byLisa VaasTwitter apologized on Tuesday for sticking business clients’ billing information into browser cache – a spot where the uninvited could have had a peek, regardless of not having the right to see it.In an email to its clients, Twitter said it was “possible” that others could have accessed the sensitive information, which incl
Publish At:2020-06-25 07:17 | Read:897 | Comments:0 | Tags:Data loss Privacy Security threats Twitter advertising platf

Woman stalked by sandwich server via her COVID-19 contact tracing info

byLisa VaasMayo? Mustard? Creep who takes your sandwich order plus the personal details you handed over for contact tracing?That’s not what I ordered, said a woman in Auckland, New Zealand, whose trip to a Subway fast-food shop led to a restaurant worker reaching out to pester her on Facebook, Instagram, Messenger and via text.As the local news outlet
Publish At:2020-05-18 12:28 | Read:1015 | Comments:0 | Tags:Data loss Privacy Security threats breach contact tracing co

Boots yanks loyalty card payouts after 150K accounts get stuffed

byLisa VaasBoots, a UK pharmacy chain, has suspended payments on the loyalty cards of 14.4 million active customers after its security team spotted “unusual” activity on a number of Boots Advantage Card accounts.It wasn’t hacked, the company said in a statement, and this isn’t what you’d classify as a breach. Intruders didn’t get into
Publish At:2020-03-06 08:12 | Read:1182 | Comments:0 | Tags:2-factor Authentication Security threats 2FA Advantage Card

How to Get Started in Digital Forensics

If you want to become a digital forensic expert, be aware that when entering the field, you will be presented with an abundance of information that you will not know. It is a wonderfully challenging career path. Some believe that having the title of a cybersecurity professional (e.g. digital forensics expert, cybersecurity analyst, incident response commande
Publish At:2020-02-24 01:53 | Read:1496 | Comments:0 | Tags:Featured Articles Incident Detection breach Digital Forensic

Gaining Insight Into the Ponemon Institute’s 2020 Cost of Insider Threats Report

Today, I’m pleased to share some of the key findings from the 2020 Cost of Insider Threats Global Report. This is the third benchmark study, independently sponsored by IBM Security and ObserveIT to help understand the direct and indirect costs that result from insider threats. The first study was conducted in 2016 and focused exclusively on companies i
Publish At:2020-02-09 10:30 | Read:1217 | Comments:0 | Tags:CISO Security Services Access Management Breach Credentials

Payment Cards Exposed in Wawa Breach Offered for Sale on Dark Web

Digital criminals posted customers’ payment card details exposed in the 2019 Wawa data breach for sale on a dark web marketplace.In December 2019, the Joker’s Stash first announced what it called the “BIGBADABOOM-III” breach.Advertisements posted by the dark web marketplace announced that the breach included over 30 million payment ca
Publish At:2020-02-09 10:22 | Read:908 | Comments:0 | Tags:IT Security and Data Protection Latest Security News breach

Securing the MSP: their own worst enemy

We’ve previously discussed threats to managed service providers (MSPs), covering their status as a valuable secondary target to both an assortment of APT groups as well as financially motivated threat groups. The problem with covering new and novel attack vectors, however, is that behind each new vector is typically a system left unpatched, asset manag
Publish At:2020-01-30 16:50 | Read:1568 | Comments:0 | Tags:Opinion advanced persistent threat advanced persistent threa

A week in security (January 20 – 26)

Last week on Malwarebytes Labs, we reported on a Ryuk ransomware attack on The Tampa Bay Times, a newspaper in Florida; unmasked an elaborate browser locking scheme behind the more advanced tech support operations that are currently active; and looked at the latest laws on regulating deepfakes. Other cybersecurity news Cisco’s Talos Intelligence Group
Publish At:2020-01-27 16:50 | Read:1419 | Comments:2 | Tags:A week in security Apple awis blog recap breach facebook phi

Breachless Threat Intelligence: A Pain-Free Approach to CyberSecurity

Enterprises need a steady stream of actionable, timely, and accurate threat intelligence on targeted malicious intrusions and attempts into their networks They need this information without suffering breaches and cannot rely solely on post-compromise forensics or sandbox simulations to continuously tighten and adapt their defenses Pre-breach targeted intell
Publish At:2017-07-17 06:40 | Read:4913 | Comments:0 | Tags:Innovation breach breachless detection disposable Forensics

As Vendors Talk WannaCry, We Want You to Know What You Can Expect from Bromium

As WannaCry went nuts last week and everyone moved quickly to support one another; we all moved on our best intelligence at the time. Because most ransomware is typically delivered via email, website or file, we worked with our customers to make sure their endpoints were protected. One week later, I wanted to take a moment to be absolutely transparent about
Publish At:2017-05-20 10:20 | Read:5892 | Comments:0 | Tags:Company News breach crypto-malware detection enterprise Isol

Tools

Tag Cloud