HackDig : Dig high-quality web security articles for hackers

Cloud Security Company Lightspin Emerges From Stealth Mode

Israel-based cloud security company Lightspin announced on Tuesday that it has emerged from stealth mode with $4 million in seed funding.Lightspin provides what it describes as a contextual cloud security platform designed to help organizations protect cloud-native applications, Kubernetes and microservices. The company says its product uses graph-based tool
Publish At:2020-11-25 09:53 | Read:55 | Comments:0 | Tags:NEWS & INDUSTRY Cloud Security Management & Strategy

#COVID19 Drives Massive Multi-Cloud Adoption

Multi-cloud adoption grew by 70% year-over-year in 2020 outpacing the previous 12 months by more than 20%.According to the Continuous Intelligence Report The State of Modern applications, DevSecOps and the Impact of COVID-19 from Sumo Logic, customers adopted CloudTrail (60%), VPC Flow Logs (34%) and GuardDuty (22%) to meet the expanded need f
Publish At:2020-11-23 10:02 | Read:84 | Comments:0 | Tags: Cloud

Faith App Pray.com Exposes Millions Through Cloud Misconfig

A popular Christian faith app has unwittingly exposed the personal data of up to 10 million users dating back several years, after misconfiguring its cloud infrastructure, researchers have warned.Santa Monica-headquartered Pray.com claims to be the “#1 App for daily prayer and biblical audio content” and has been downloaded over a million times f
Publish At:2020-11-20 11:50 | Read:71 | Comments:0 | Tags: Cloud

Chinese Cloud Hopper Attackers Use Zerologon in New Campaign

Chinese state-sponsored attackers are operating a major global campaign against multiple verticals exploiting the Zerologon vulnerability, according to new research from Symantec.The security giant claimed that the Cicada group (aka APT10, Cloud Hopper) is targeting Japanese companies and their subsidiaries in 17 countries with information-stealing attacks.
Publish At:2020-11-19 08:32 | Read:167 | Comments:0 | Tags: Cloud

Mac and iOS Keychain Tutorial: How Apple’s iCloud Keychain Works

Your use passwords to log into websites and services, and since there are so many of them, it’s hard to remember them. It’s a bad idea to use the same password for different websites, because if one site is compromised, hackers will have an email address and password that they can try on other sites. Because of this, you need to ensure that your
Publish At:2020-11-19 01:14 | Read:168 | Comments:0 | Tags:How To iCloud iOS Keychain Mac password security IOS Cloud

The Value of a Compromised Cloud Account

With more than 250 million monthly users, it’s easy to understand why attacks targeting Office 365 cloud accounts are one of the fastest-growing security concerns. Even before the COVID-19 crisis, cyber-criminals discovered the value of a compromised cloud account - the sudden shift to remote working simply accelerated this trend.Microsoft is now the m
Publish At:2020-11-18 09:08 | Read:85 | Comments:0 | Tags: Cloud

Container security on IBM Cloud

If you’re running containers and Kubernetes on IBM Cloud, you can now enable the key security workflows of Sysdig Secure as a service within your IBM Cloud deployments. This makes it easier for you to implement security tools and policies to ensure your containers and your Kubernetes environment are protected and running as intended. The new container and
Publish At:2020-11-17 11:25 | Read:170 | Comments:0 | Tags:IBM Cloud Kubernetes Sysdig Secure Image scanning runtime se

Over 80,000 ID Cards and Fingerprint Scans Exposed in Cloud Leak

A US-based used electronics retailer has exposed over 2.6 million files, including ID cards and biometric images, after a misconfigured AWS S3 bucket was discovered.Researchers at Website Planet traced the instance back to California-based TronicsXchange, previously trading as GreenElectronicsExchange (GEEx).A random scan for server vulnerabilities led to th
Publish At:2020-11-17 09:44 | Read:78 | Comments:0 | Tags: Cloud

Data Security: Building for Today’s Hybrid Cloud World

When it comes to data security, do you feel you have the full story? And if you do, is that full story captured in one book or across different volumes? Due to what some in the industry have lovingly called ‘tool sprawl,’ the average IT and security team spends its day referencing anywhere from 10 to 30 different solutions. If even a fraction of
Publish At:2020-11-12 14:52 | Read:167 | Comments:0 | Tags:Cloud Security Security Services Data Security Hybrid Cloud

Implement Cloud Security Best Practices With This Guide

As more employees opt for remote work, organizations rely on cloud computing options for easy access to corporate data and applications. This dependence on the cloud also puts a new emphasis on cloud security.   Yet, cloud security continues to be an afterthought for many companies. Industry leaders may be confused over who is responsible for security
Publish At:2020-11-12 10:58 | Read:84 | Comments:0 | Tags:Cloud Security Cloud Computing Cloud Strategy Cloud security

NVIDIA fixes severe flaw in GeForce NOW cloud gaming service

NVIDIA released a security update for the GeForce Now cloud gaming Windows app to address a vulnerability that could allow attackers to execute arbitrary code or escalate privileges on systems running unpatched software.GeForce Now is a cloud-based game streaming service that allows users over 80 countries with paid subscriptions to
Publish At:2020-11-11 16:00 | Read:139 | Comments:0 | Tags:Security Software Cloud

Chinese-linked Muhstik botnet targets Oracle WebLogic, Drupal

Muhstik botnet, also known as Mushtik, has been targeting cloud infrastructure and IoTs for years.The botnet mainly funds itself by mining cryptocurrency using open source tools like XMRig and cgminer.New details have emerged related to this malware that shed light on its nefarious activities and origins.What is Muhstik?Muhstik 
Publish At:2020-11-11 12:06 | Read:182 | Comments:0 | Tags:Security Cloud botnet

Getting to Know Cloudjacking and Cloud Mining Could Save Your Business

Reading Time: ~ 4 min. A few years back, cryptojacking and cryptomining emerged as relatively low-effort ways to profit by hijacking another’s computing resources. Today, cloudjacking and cloud mining capitalize on similar principles, only by targeting the near infinite resources of the cloud to generate revenue for attackers. Knowing this growing threat is
Publish At:2020-11-10 18:02 | Read:85 | Comments:0 | Tags:Business + Partners Managed Service Providers cryptocurrency

Zix Acquires CloudAlly

Texas security technology company Zix Corporation has acquired an Israeli cloud-based backup and recovery provider that will turn ten in 2021.CloudAlly describes itself as a pioneer of enterprise-grade Software-as-a-Service (SaaS) cloud backup and recovery solutions that serves more than 5,000 customers and boasts around 25
Publish At:2020-11-10 17:49 | Read:129 | Comments:0 | Tags: Cloud

New Windows 10 policy lets you disable cloud customized taskbars

Microsoft has added a new group policy in Windows 10 20H2 that allows you to disable a new feature that customizes the taskbar based on what accounts or devices you have.In the Windows 10 Insider Build 20161, Microsoft introduced a new feature called "Programmable Taskbar" that customizes the Windows 10 taskbar when logging into an account for the first time
Publish At:2020-11-06 19:00 | Read:186 | Comments:0 | Tags:Microsoft Cloud

Tools