HackDig : Dig high-quality web security articles for hackers

Credential Stuffing: AI’s Role in Slaying a Hydra

One data breach can lead to another. Because so much of the data stolen in breaches ends up for sale on the dark web, a threat actor can purchase authentication credentials — the emails and passwords — of the organization’s employees without having to steal them directly. With that information in hand, threat actors have an open door into
Publish At:2021-01-25 09:29 | Read:130 | Comments:0 | Tags:Data Protection Fraud Protection Identity & Access Artificia

Illinois Court Exposes More Than 323,000 Sensitive Records

Unsecured Server Exposed Records Containing Sensitive Personal Data and Case Notes From Cook County CourtOn September 26, 2020, researchers discovered an unsecured Elasticsearch server exposing more than 323,277 Cook County court related records containing highly sensitive personal data. Cook County, Illinois, is the second most populous county in the U
Publish At:2021-01-25 08:23 | Read:90 | Comments:0 | Tags:NEWS & INDUSTRY Data Protection

Chipmaker Intel Corp. Blames Internal Error on Data Leak

The computer chipmaker Intel Corp. on Friday blamed an internal error for a data leak that prompted it to release a quarterly earnings report early. It said its corporate network was not compromised.The company’s chief financial officer, George Davis, had earlier told The Financial Times that Intel published its earnings ahead of the stock market’s close on
Publish At:2021-01-23 17:23 | Read:86 | Comments:0 | Tags:NEWS & INDUSTRY Data Protection data leak

Sophos: Crypto-Jacking Campaign Linked to Iranian Company

An Iran-based software company is likely behind a recently identified crypto-jacking campaign targeting SQL servers, according to a report by British anti-malware vendor Sophos.The attacks result in the MrbMiner crypto-miner being installed onto the target servers, with the software apparently created, controlled, and hosted by a named Iranian company.The So
Publish At:2021-01-22 14:05 | Read:102 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Virus & Threats Em

Intel's Early Earnings Release Triggered by Hack

U.S. chip-making giant Intel Corp. has acknowledged a website hack and premature data disclosure forced the early release of its earnings report for the fourth quarter of 2020.The Santa Clara, Calif.-based company had planned on making the earnings announcement after markets closed on Thursday, but discovered the website breach and the external disclosure of
Publish At:2021-01-22 14:05 | Read:84 | Comments:0 | Tags:NEWS & INDUSTRY Fraud & Identity Theft Incident Resp

Enterprise Credentials Publicly Exposed by Cybercriminals

Cybercriminals behind a successful phishing campaign have exposed more than 1,000 corporate employee credentials on the Internet, according to a warning from security vendor Check Point.The corporate account credentials were stolen as part of a phishing campaign that kicked off in August 2020, targeting thousands of organizations worldwide.As part of the cam
Publish At:2021-01-21 14:41 | Read:147 | Comments:0 | Tags:Endpoint Security Mobile Security NEWS & INDUSTRY Privac

Data Classification Is Data Storage

‘Business’ is a verb that practically means the movement of data. If you aren’t sharing data – keeping the books, sharing ideas and stats about sales, getting the correct information regarding the customer or data to the customer – then you aren’t doing much business. But organizations need to protect their data along the way.Infosec has so many ways of prot
Publish At:2021-01-20 00:38 | Read:168 | Comments:0 | Tags:IT Security and Data Protection data classification data pro

For Attackers, Home is Where the Hideout Is

Remember the good ol’ days of playing hide-and-seek? It’s hard to forget the rush of finding the perfect hiding place. I remember crouching into a tiny ball behind the clothes hanging in my mother’s closet, or standing frozen like a statue behind the curtain of our living room window. While it was “just a game” when we were kid
Publish At:2021-01-19 20:53 | Read:109 | Comments:0 | Tags:Data Protection Network Data Breach Internet of Things (IoT)

SaaS Application Backup Firm Rewind Raises $15 Million

Backup-as-a-service (BaaS) provider Rewind on Tuesday announced it has raised $15 million in Series A funding.Founded in 2015, the Ottawa, Canada-based company helps customers secure business-critical software-as-a-service (SaaS) application and cloud data, and claims more than 80,000 organizations in over 100 countries rely on its solutions.Rewind says it p
Publish At:2021-01-19 11:59 | Read:142 | Comments:0 | Tags:NEWS & INDUSTRY Data Protection Management & Strateg

How Small Businesses Can Avoid Cyberattacks in 2021

How Small Businesses Can Avoid Cyberattacks in 2021 January 19th, 2021 No Comments antivirus, Data Privacy, Data Protection, Mobile Security, PC security Across 2020 – and, most likely, throughout 2021 – the priority of small business owners has bee
Publish At:2021-01-19 08:00 | Read:219 | Comments:0 | Tags:antivirus Data Privacy Data Protection Mobile Security PC se

Researchers Estimate Ryuk Ransomware Operations to Be Worth $150 Million

The Ryuk ransomware criminal enterprise is estimated to be worth more than $150,000,000, security researchers say.Initially detailed in 2018 and believed to be operated by Russian cybercriminals, Ryuk has become one of the most prevalent malware families, being used in various high-profile attacks, such as the targeting of Pennsylvania-based UHS and Alabama
Publish At:2021-01-18 16:29 | Read:161 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Virus & Threats Fr

FBI Warns of Employee Credential Phishing via Phone, Chat

The Federal Bureau of Investigation has issued a Private Industry Notification (PIN) to warn of attacks targeting enterprises, in which threat actors attempt to obtain employee credentials through vishing or chat rooms.Taking advantage of the COVID-19 pandemic, which has forced the broad adoption of telework, cyber-criminals and threat actors are attempting
Publish At:2021-01-18 16:29 | Read:236 | Comments:0 | Tags:Cyberwarfare Endpoint Security NEWS & INDUSTRY Applicati

WhatsApp Delays Data Sharing Change After Backlash

WhatsApp on Friday postponed a data-sharing change as users concerned about privacy fled the Facebook-owned messaging service and flocked to rivals Telegram and Signal.The smartphone app, a huge hit across the world, canceled its February 8 deadline for accepting an update to its terms concerning sharing data with Facebook, saying it would use the pause to c
Publish At:2021-01-18 12:35 | Read:113 | Comments:0 | Tags:NEWS & INDUSTRY Privacy Compliance Data Protection Priva

Data Security Startup Qohash Raises $6 Million

Canadian data security startup Qohash this week announced it raised CAD 8 million (approximately USD $6.3 million) in Series A funding. The financing was led by FINTOP Capital.Founded in 2018, the Quebec-based company provides customers with solutions focused on data discovery and classification, helping enterprises monitor data across their environments. Fu
Publish At:2021-01-15 18:17 | Read:147 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Appli

NSA Publishes Guidance for Enterprises on Adoption of Encrypted DNS

The National Security Agency (NSA) on Wednesday published guidance for businesses on the adoption of an encrypted domain name system (DNS) protocol, specifically DNS over HTTPS.Designed to translate the domain names included in URLs into IP addresses, for an easier navigation of the Internet, DNS has become a popular attack vector, mainly because requests an
Publish At:2021-01-15 10:29 | Read:90 | Comments:0 | Tags:NEWS & INDUSTRY Data Protection Management & Strateg

Tools

Tag Cloud