HackDig : Dig high-quality web security articles for hackers

Carding Action 2020: Group-IB supports Europol-backed operation saving €40 million

Carding Action 2020 targeted crooks selling/purchasing compromised card data on sites selling stolen cred itcard data and darkweb marketplaces Group-IB, a global threat hunting and intelligence company, has supported Carding Action 2020 – a cross-border operation led by Europol’s European Cyber Crime Centre (EC3) with the support from law enforcement agen
Publish At:2020-11-26 11:55 | Read:81 | Comments:0 | Tags:Breaking News Cyber Crime Deep Web carding credit card Cyber

A zero-day in Windows 7 and Windows Server 2008 has yet to be fixed

Researcher discovers a zero-day vulnerability in Windows 7 and Windows Server 2008 while he was working on a Windows security tool. The French security researcher Clément Labro discovered a zero-day vulnerability was discovered while the security researcher was working on an update Windows security tool. The researcher was developing his own Windows pr
Publish At:2020-11-26 09:20 | Read:119 | Comments:0 | Tags:Breaking News Hacking hacking news information security news

Belden discloses data breach as a result of a cyber attack

Belden, the manufacturer of networking and cable products, disclosed a data breach, threat actors have stolen employee and business information. The manufacturer of networking and cable products Belden disclosed a data breach, the company revealed that attackers gained “unauthorized access and copying of some current and former employee data, as well as l
Publish At:2020-11-25 19:31 | Read:113 | Comments:0 | Tags:Breaking News Data Breach Hacking Belden data breach hacking

Watch out, WAPDropper malware could subscribe you to premium services

Researchers spotted a new mobile malware dubbed WAPDropper that subscribes users to legitimate premium-rate services. Security researchers from Check Point have spotted a new malware family dubbed WAPDropper that targets mobile phone users to subscribe them to legitimate premium-rate services. Check Point experts observed the WAPDropper subscribing una
Publish At:2020-11-25 11:12 | Read:82 | Comments:0 | Tags:Breaking News Malware Mobile fraud Hacking hacking news info

Retail giant Home Depot agrees to a $17.5 million settlement over 2014 data breach

Retail giant Home Depot has agreed to a $17.5 million settlement in a multi-state investigation of the data breach that the company suffered in 2014. The US largest home improvement retailer giant Home Depot agrees to $17.5 million settlement over the 2014 data breach. In 2014, Home Depot revealed that the data breach impacted 56 million customers acro
Publish At:2020-11-25 11:12 | Read:166 | Comments:0 | Tags:Breaking News Security data breach Hacking hacking news Home

UK NCSC’s alert urges orgs to fix MobileIron CVE-2020-15505 RCE

The UK NCSC issued an alert to urge organizations to patch the critical CVE-2020-15505 RCE vulnerability in MobileIron MDM systems. The UK National Cyber Security Centre (NCSC) issued an alert urging organizations to address the critical CVE-2020-15505 remote code execution (RCE) vulnerability in MobileIron mobile device management (MDM) systems. MDM p
Publish At:2020-11-25 07:18 | Read:145 | Comments:0 | Tags:Uncategorized CVE-2020-15505 Hacking hacking news informatio

Group-IB Hi-Tech Crime Trends 2020/2021 report

Group-IB, a global threat hunting and intelligence company, has presented its annual Hi-Tech Crime Trends 2020/2021 report. In the report, the company examines key shifts in the cybercrime world internationally between H2 2019 and H1 2020 and gives forecasts for the coming year. The most severe financial damage has occurred as a result of ransomware acti
Publish At:2020-11-25 07:18 | Read:190 | Comments:0 | Tags:APT Breaking News Cyber Crime Hacking Malware hacking news i

2FA bypass in cPanel potentially exposes tens of millions of websites to hack

2FA bypass discovered in web hosting software cPanel More than 70 million sites are managed via cPanel software, according to the company. Researchers discovered a major issue in cPanel that could be exploited by attackers to bypass two-factor authentication for cPanel accounts. Security researchers from Digital Defense have discovered a major secur
Publish At:2020-11-24 20:07 | Read:222 | Comments:0 | Tags:Breaking News Hacking 2FA hacking news information security

Baidu Android apps removed from Play Store because caught collecting user details

Two Baidu Android apps have been removed from the Google Play Store in October after they’ve been caught collecting sensitive user details. Two apps belonging to Chinese tech giant Baidu, Baidu Maps and Baidu Search Box, have been removed from the Google Play Store at the end of October after they’ve been caught collecting sensitive user detai
Publish At:2020-11-24 18:20 | Read:183 | Comments:0 | Tags:Breaking News Malware Mobile Android Baidu data leak Hacking

TrickBot operators continue to update their malware to increase resilience to takedown

Following the recent takedown, the TrickBot operators have implemented various improvements to make it more resilient. In October, Microsoft’s Defender team, FS-ISAC, ESET, Lumen’s Black Lotus Labs, NTT, and Broadcom’s cyber-security division Symantec joined the forces and announced a coordinated effort to take down the command and control infrastructure
Publish At:2020-11-24 15:42 | Read:159 | Comments:0 | Tags:Breaking News Cyber Crime Malware Hacking hacking news infor

A new Stantinko Bot masqueraded as httpd targeting Linux servers

Researchers spotted a new variant of an adware and coin-miner botnet operated by Stantinko threat actors that now targets Linux servers. Researchers from Intezer have spotted a new variant of an adware and coin-miner botnet that is operated by Stantinko threat actors since 2012. The Stantinko botnet was first spotted by ESET in 2017, at the time it inf
Publish At:2020-11-24 15:42 | Read:181 | Comments:0 | Tags:Breaking News Cyber Crime Malware botnet Hacking hacking new

Microsoft fixes Kerberos Authentication issues with an out-of-band Update

Microsoft released an out-of-band update for Windows to address authentication flaws related to a recently patched Kerberos vulnerability. Microsoft released an out-of-band update to address authentication issues in Windows related to a recently patched Kerberos vulnerability tracked as CVE-2020-17049. “An out-of-band optional update is now available o
Publish At:2020-11-24 11:48 | Read:74 | Comments:0 | Tags:Breaking News Hacking Security hacking news information secu

Credential stuffing attack targeted 300K+ Spotify users

Researchers uncovered a possible credential stuffing campaign that is targeting Spotify accounts using a database of 380 million login credentials. Security experts from vpnMentor have uncovered a possible credential stuffing operation that affected some Spotify accounts. Threat actors behind the campaign are using a database containing over 380 million r
Publish At:2020-11-24 07:54 | Read:99 | Comments:0 | Tags:Breaking News Hacking credential stuffing hacking news infor

Crooks social-engineered GoDaddy staff to take over crypto-biz domains

Crooks were able to trick GoDaddy staff into handing over control of crypto-biz domain names in a classic DNS hijacking attack. Crooks were able to hijack traffic and email to various cryptocurrency-related websites as a result of a DNS hijacking attack on domains managed by GoDaddy. The threat actors were able to modify DNS settings by tricking GoDaddy e
Publish At:2020-11-24 07:54 | Read:84 | Comments:0 | Tags:Breaking News Cyber Crime Digital ID Hacking DNS hijacking G

VMware discloses critical zero-day CVE-2020-4006 in Workspace One

VMware discloses a critical zero-day vulnerability (CVE-2020-4006) in multiple VMware Workspace One components and released a workaround to address it. VMware has released a workaround to address a critical zero-day vulnerability, tracked as CVE-2020-4006, that affects multiple VMware Workspace One components. The flaw could be exploited by attackers to e
Publish At:2020-11-23 20:12 | Read:144 | Comments:0 | Tags:Breaking News Security CVE-2020-4006 Hacking hacking news in

Tools