HackDig : Dig high-quality web security articles for hacker

Android Webview Exploited

There are plenty of articles explaining the security issues with android webview, like this article & this one. Many of these resources talk about the risks that an untrusted page, loaded inside a webview, poses to the underlying app. The threats become more prominent especially when javascript  and/or the javascript interface is enabled on the webview.
Publish At:2020-04-04 15:36 | Read:14 | Comments:0 | Tags:BackToBasics LeftBrain exploit

Firefox 74.0.1 addresses two zero-days exploited in the wild

Mozilla releases Firefox version 74.0.1 to address two vulnerabilities exploited by threat actors in attacks in the wild, users should update their browsers asap. Mozilla is urging users to install the latest version of its browser, Firefox 74.0.1, which addresses two bugs that are being exploited in the wild by threat actors. The two vulnerabilities
Publish At:2020-04-04 15:17 | Read:117 | Comments:0 | Tags:Security Firefox Hacking hacking news it security it securit

Hackers exploited IE and Firefox flaws in attacks on entities in China, Japan

An APT group is exploiting the flaws patched earlier this year in Firefox and Internet Explorer in attacks aimed at China and Japan. An APT group is exploiting two vulnerabilities patched earlier this year in Firefox and Internet Explorer in attacks aimed at China and Japan. The first issue, tracked as CVE-2019-17026, affects the Firefox browser and wa
Publish At:2020-04-02 17:58 | Read:137 | Comments:0 | Tags:Breaking News Hacking China Firefox IE information security

Firefox, IE Vulnerabilities Exploited in Attacks on China, Japan

Vulnerabilities patched earlier this year in Firefox and Internet Explorer have been exploited by an advanced persistent threat (APT) actor in attacks aimed at China and Japan.The Firefox vulnerability is CVE-2019-17026, which Mozilla patched in early January, and the Internet Explorer flaw is CVE-2020-0674, which Microsoft patched in February with its month
Publish At:2020-04-02 12:27 | Read:71 | Comments:0 | Tags:Cyberwarfare NEWS & INDUSTRY Virus & Threats Virus &

Ransomware Attackers Exploit #COVID19 to Target Hospital VPNs

Microsoft has been forced to alert several dozen hospitals in a “first of its kind notification” that their gateway and VPN appliances are vulnerable to ransomware groups actively scanning for exposed endpoints.The tech giant claimed that attackers behind the REvil (Sodinokibi) variant, for one, are probing the internet for vulnerable systems, wi
Publish At:2020-04-02 07:36 | Read:102 | Comments:0 | Tags: exploit

Experts published PoC exploits for CVE-2020-0796 privilege escalation flaw on Windows

Researchers published proof-of-concept (PoC) exploits for the CVE-2020-0796 Windows flaw, tracked as SMBGhost, that can be exploited for local privilege escalation. Researchers Daniel García Gutiérrez (@danigargu) and Manuel Blanco Parajón (@dialluvioso_) have published proof-of-concept (PoC) exploits for the CVE-2020-0796 Windows vulnerability, tracked a
Publish At:2020-04-01 07:49 | Read:125 | Comments:0 | Tags:Breaking News Hacking CVE-2020-0796 hacking news it security

No, Houseparty hasn’t hacked your phone and stolen your bank details

byPaul DucklinIf you’re at home right now – and who isn’t? – then you’ve probably heard of Houseparty.It’s a social networking app that came out back in 2015 and was bought by Epic Games – famous for Unreal and Fortnite – in the middle of 2019.The name gives you a good idea of what is does: simply put, you go o
Publish At:2020-03-30 17:20 | Read:181 | Comments:0 | Tags:Android Exploit hacking Houseparty ios

Zeus Sphinx spam campaign attempt to exploit Coronavirus outbreak

The Zeus Sphinx malware is back, operators are now spreading it exploiting the interest in the Coronavirus outbreak. The Zeus Sphinx malware is back, it was observed in a new wave of attacks attempting to exploit the interest in the Coronavirus outbreak. Experts from IBM X-Force uncovered a hacking campaign employing the Zeus Sphinx malware, as known
Publish At:2020-03-30 13:41 | Read:168 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware covid19 Cybercrime

Vulnerabilities in DrayTek Enterprise Routers Exploited in Attacks

Threat actors have been exploiting a couple of vulnerabilities affecting some DrayTek enterprise routers in attacks that started before patches were released by the vendor.DrayTek is a Taiwan-based manufacturer of networking equipment, including routers, firewalls, broadband customer premises equipment (CPE), and VPN devices.In early December 2019, researche
Publish At:2020-03-30 08:34 | Read:198 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Vulnerabilities Cybe

Europol: Criminals Exploit Virus Crisis as Fresh Opportunity

Criminals are preying on a fearful public and disrupting the provision of medical care during the coronavirus pandemic by selling counterfeit products, impersonating health workers and hacking computers as many citizens do their jobs online at home, European law enforcement agency Europol said Friday.In one instance, a cyberattack on a major hospital in the
Publish At:2020-03-28 13:10 | Read:240 | Comments:0 | Tags:NEWS & INDUSTRY Cybercrime Virus exploit

Russian Hackers Exploited Windows Flaws in Attacks on European Firms

Financially-motivated hackers believed to be operating out of Russia recently targeted companies in Western Europe, and the attacks apparently involved a combination of two Windows vulnerabilities that Microsoft did not expect to be exploited.According to Singapore-based cybersecurity firm Group-IB, the threat groups tracked as TA505 (aka Evil Corp) and Sile
Publish At:2020-03-27 16:04 | Read:360 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Virus & Malware

0patch releases free unofficial patches for Windows 0days exploited in the wild

ACROS Security’s 0patch service released unofficial patches for two Windows flaws actively exploited by attackers in the wild. ACROS Security’s 0patch service released unofficial patches for two Windows vulnerabilities actively exploited by attackers in the wild, both issues have yet to be fixed by Microsoft. A few days ago, Microsoft warned of hacker
Publish At:2020-03-27 14:00 | Read:162 | Comments:0 | Tags:Breaking News Security 0Patch Hacking information security n

Unofficial Patches Released for Exploited Windows Font Processing Flaws

ACROS Security’s 0patch service has developed unofficial patches for two actively exploited Windows vulnerabilities for which Microsoft has yet to release fixes.Microsoft revealed earlier this week that it had become aware of targeted attacks exploiting two Windows zero-days related to the way the Adobe Type Manager library handles Type 1 PostScript fonts.Ad
Publish At:2020-03-27 08:29 | Read:253 | Comments:0 | Tags:NEWS & INDUSTRY Vulnerabilities exploit

iOS exploit chain deploys LightSpy feature-rich malware

A watering hole was discovered on January 10, 2020 utilizing a full remote iOS exploit chain to deploy a feature-rich implant named LightSpy. The site appears to have been designed to target users in Hong Kong based on the content of the landing page. Since the initial activity, we released two private reports exhaustively detailing spread, exploits, infrast
Publish At:2020-03-26 14:33 | Read:308 | Comments:0 | Tags:APT reports Featured Apple iOS APT Backdoor Google Android I

Spyware Delivered to iPhone Users in Hong Kong Via iOS Exploits

A recently observed campaign is attempting to infect the iPhones of users in Hong Kong with an iOS backdoor that allows attackers to take over devices, Trend Micro reports.The attack involved the use of malicious links posted on forums popular in Hong Kong, which led users to real news sites where a hidden iframe would load and run malware. Vulnerabilities a
Publish At:2020-03-26 13:31 | Read:185 | Comments:0 | Tags:Mobile Security NEWS & INDUSTRY Virus & Threats Viru

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud