HackDig : Dig high-quality web security articles

SeeYouCM-Thief: Exploiting common misconfigurations in Cisco phone systems

1.1 Intro: I spent my early IT career working for a Cisco partner that specialized in Cisco phone systems. My work wasn’t directly with the phone systems, but it was usually in an adjacent field like route/switch and security. I did, however, get to see my share of networks that used Cisco phone systems. Today, I work as a
Publish At:2022-01-18 11:58 | Read:120 | Comments:0 | Tags:Penetration Testing Red Team Adversarial Attack Simulation S

Iran-linked APT35 group exploits Log4Shell flaw to deploy a new PowerShell backdoor

Iran-linked APT35 group has been observed leveraging the Log4Shell flaw to drop a new PowerShell backdoor. Iran-linked APT35 cyberespionage group (aka ‘Charming Kitten‘ or ‘Phosphorus‘) has been observed leveraging the Log4Shell flaw to drop a new PowerShell backdoor, Check Point researchers state. The experts also detail the
Publish At:2022-01-12 10:20 | Read:180 | Comments:0 | Tags:APT Breaking News Cyber warfare Hacking Malware APT35 backdo

CISA alerts federal agencies of ancient bugs still being exploited

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its list of known exploited vulnerabilities with 15 new security issues that serve as a frequent attack vector against federal enterprises. The latest additions vary in terms of severity and disclosure date, some of them being rated as medium risks while others are as old as 2013. In
Publish At:2022-01-11 18:34 | Read:73 | Comments:0 | Tags:Security exploit CISA

Full Disclosure DMCA.COM Exploitation

Publisher: Joel Aviad Ossi. Company: Pentest <https://websec.nl> company WebSec B.V. Vulnerabilities: Improper Access Control, Stored Cross-Site Scripting and Improper Input Validation. Description: It is possible to inject JavaScript code into any DMCA account and take over the API Token in order to read support messages (It is also possible to inject such code
Publish At:2022-01-11 13:15 | Read:281 | Comments:0 | Tags: exploit

Night Sky ransomware operators exploit Log4Shell to target hack VMware Horizon servers

Another gang, Night Sky ransomware operation, started exploiting the Log4Shell vulnerability in the Log4j library to gain access to VMware Horizon systems. The Night Sky ransomware operation started exploiting the Log4Shell flaw (CVE-2021-44228) in the Log4j library to gain access to VMware Horizon systems. The ransomware gang started its operations on
Publish At:2022-01-11 10:54 | Read:310 | Comments:0 | Tags:Breaking News Cyber Crime Malware Hacking hacking news infor

Attackers Hitting VMWare Horizon Servers With Log4j Exploits

Threat hunters in the U.K.’s National Health Service have raised an alarm for an unknown threat actor hitting vulnerable VMWare Horizon servers with exploits for the ubiquitous Log4j security flaw. The warning comes almost exactly one month after the first disclosure of a Log4j remote code execution vulnerability that threatens major damage on the internet an
Publish At:2022-01-07 16:52 | Read:190 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Appli

Threat actor targets VMware Horizon servers using Log4Shell exploits, UK NHS warns

A threat actor attempted to exploit the Log4Shell vulnerability to hack VMWare Horizon servers at UK NHS and deploy web shells. The security team at the UK National Health Service (NHS) announced that it has spotted threat actors exploiting the Log4Shell vulnerability to hack VMWare Horizon servers and install web shells. “An unknown threat group h
Publish At:2022-01-07 13:00 | Read:240 | Comments:0 | Tags:Breaking News Hacking Cybersecurity cybersecurity news hacki

NHS warns of hackers exploiting Log4Shell in VMware Horizon

UK's National Health Service (NHS) has published a cyber alert warning of an unknown threat group targeting VMware Horizon deployments with Log4Shell exploits. Log4Shell is an exploit for CVE-2021-44228, a critical arbitrary remote code execution flaw in the Apache Log4j 2.14, which has been under active and high-volume exploitation since December 2021. Apache
Publish At:2022-01-07 10:41 | Read:249 | Comments:0 | Tags:Security exploit hack

Google Docs commenting feature exploited for spear-phishing

A new trend in phishing attacks emerged in December 2021, with threat actors abusing the commenting feature of Google Docs to send out emails that appear trustworthy. Google Docs is used by many employees working or collaborating remotely, so most recipients of these emails are familiar with these notifications. Since Google itself is being "tricked" into send
Publish At:2022-01-06 14:37 | Read:250 | Comments:0 | Tags:Security exploit

Zloader Banking Malware Exploits Microsoft Signature Verification

The aggressive Zloader banking malware campaign is exploiting Microsoft’s digital signature verification method to inject code into a signed system DLL, according to researchers at Check Point. The campaign has been ongoing since November 2021, leveraging legitimate enterprise remote monitoring and management application Atera for initial access to the target
Publish At:2022-01-05 16:52 | Read:234 | Comments:0 | Tags:Cyberwarfare Endpoint Security Network Security NEWS & I

Threat actors continue to exploit Log4j flaws in their attacks, Microsoft Warns

Threat actors continue to attempt to exploit Apache Log4J vulnerabilities in their campaigns to deploy malware on target systems, Microsoft warns. Microsoft is warning of continuing attempts by nation-state actors and cybercriminals to exploit recently discovered vulnerabilities in the Apache Log4j library to deploy malware on vulnerable systems. Micro
Publish At:2022-01-05 06:57 | Read:207 | Comments:0 | Tags:Breaking News Hacking hacking news information security news

CrowdStrike Beefs Up Exploit Detection With Intel CPU Telemetry

Anti-malware giant CrowdStrike says it is using telemetry from Intel processors to help detect and thwart sophisticated software exploits that bypass traditional OS-based defenses. CrowdStrike said the CPU telemetry is powering a new Hardware Enhanced Exploit Detection feature in its Falcon platform and will help detect complex attack techniques that are noto
Publish At:2022-01-03 16:52 | Read:193 | Comments:0 | Tags:Cyberwarfare Endpoint Security Network Security NEWS & I

Chinese Spies Exploit Log4Shell to Hack Major Academic Institution

China-linked cyberespionage group Aquatic Panda was recently observed exploiting the Log4Shell vulnerability to compromise a large academic institution, CrowdStrike’s Falcon OverWatch team reports. Tracked as CVE-2021-44228 and also referred to as Log4Shell and LogJam, the security hole affects the Apache Log4j Java logging framework and has been exploited in
Publish At:2021-12-29 16:52 | Read:265 | Comments:0 | Tags:Cyberwarfare NEWS & INDUSTRY exploit hack

DoubleFeature, post-exploitation dashboard used by Equation Group APT

Researchers analyzed the DoubleFeature logging tool of DanderSpritz Framework that was used by the Equation Group APT group. Check Point researchers have published a detailed analysis of the DoubleFeature tool used to log post-exploitation activities in attacks conducted by the Equation Group and involving the DanderSpritz malware framework. DanderSpri
Publish At:2021-12-28 10:19 | Read:377 | Comments:0 | Tags:APT Breaking News Cyber warfare Hacking Malware DanderSpritz

Experts monitor ongoing attacks using exploits for Log4j library flaws

Researchers from DrWeb monitored attacks leveraging exploits for vulnerabilities in the Apache Log4j library. Researchers from DrWeb monitored attacks leveraging exploits for vulnerabilities (CVE-2021-44228, CVE-2021-45046, CVE-2021-4104, and CVE-2021-42550) in the Apache Log4j library, warning of the need to adopt protective measures. The vulnerabilities
Publish At:2021-12-27 10:53 | Read:275 | Comments:0 | Tags:Breaking News Hacking Security Cybercrime hacking news infor
