HackDig : Dig high-quality web security articles

Wrestling star Mick Foley’s Twitter compromised, selling PS5 consoles

One of the biggest wrestling stars around, Mick Foley, had his Twitter account hijacked in an attempt to legitimize a very popular scam. When a well known individual has their social media accounts compromised, disaster looms, as everything from phishing to malware distribution waits in the wings for potential victims. But this time, we traded messages w
Publish At:2022-08-01 16:02 | Read:320181 | Comments:0 | Tags:Scams charity compromised hijack mick foley PS5 security twi

Warning for WordPress admins: uninstall the Modern WPBakery plugin immediately!

WordPress admins are being warned to remove a buggy plugin or risk a total site takeover. This particular threat relates to a plugin which is no longer in use: Modern WPBakery page builder addons. The vulnerability in the plugin, known as CVE-2021-24284, allows “unauthenticated arbitrary file upload via the ‘uploadFontIcon’ AJAX action&#
Publish At:2022-07-19 11:52 | Read:250625 | Comments:0 | Tags:Malwarebytes news compromise CVE exploit hijack JavaScript m

REvil ransomware’s calling, and it’s not good news

The REvil ransomware (AKA Sodinokibi, which operates as a Ransomware as a Service) is adopting some outreach techniques after initial compromise, designed to shame victims into paying up. Shaming victims into action Malware authors and social engineers have relied on shame and the threat of exposure for years. Nothing encourages potential victims to p
Publish At:2021-03-10 05:12 | Read:172510 | Comments:0 | Tags:Ransomware attack blackmail compromise hijack malware ransom

Website misconfigurations and other errors to avoid

Website owners, listen up: There are lots of things you shouldn’t do with your site, and many more you should avoid with the domains you’re responsible for. Insider malice, bad luck, and the stars aligning in impossible ways can all give your online portfolio a bad hair day. However, if you want to tempt fate, you can bring on the mayhem with website misconf
Publish At:2020-07-15 11:33 | Read:129916 | Comments:0 | Tags:How-tos bank banking blog CMS dns hijack redirect website

DNS Hijacks: Routers

Our Support department has noticed a significant increase in the number of people that have had their DNS settings hijacked. Not only on their computers, but on their routers as well. For some background information on DNS hijacks, please read “DNS Hijacks: What to Look For”. How does it work? In a typical home setup, we have: A modem provided b
Publish At:2015-12-18 00:25 | Read:143810 | Comments:0 | Tags:Online Security default password dns hijack Pieter Arntz rou

Video Saver PUP Blocks You From Changing Your Default Browser

A potentially unwanted program (PUP) called Video Saver, belonging to the Neobar family of browser hijackers, has been found to use a different trick to “convince” their victims to use their search engine “Search with us!”. It will show the victims a prompt to let them know there are restrictions in effect on their computer and to contact their system admini
Publish At:2015-10-08 01:40 | Read:144991 | Comments:0 | Tags:Security Threat hijack Internet Explorer Pieter Arntz policy

DNS Hijacks: What to Look For

What is DNS? The definition: The domain name system (DNS) is the way that internet domain names are located and translated into Internet Protocol addresses. When trying to explain the concept of DNS name resolution I think that finding a phone number for a certain person is a good analogy. There are several ways to find a person’s phone number and the same i
Publish At:2015-09-16 14:25 | Read:147118 | Comments:0 | Tags:Online Security dns fake hijack Pieter Arntz router spoofing

TeslaCrypt: Video game Safety 101

TeslaCrypt is a piece of Ransomware which encrypts your data and locks it behind a “Pay up some serious cash or no files for you” series of messages designed to inspire fear and a liberal slice of money being thrown at the TFT. All your documents, photos, databases and other important files have been encrypted with strongest encryption RSA-2048
Publish At:2015-04-20 21:25 | Read:414266 | Comments:0 | Tags:Security Threat games gaming hijack scam teslacrypt

Help! My IP Address Has Been Hijacked!

SpamCop is a free, community-based spam email reporting service provided by Cisco. SpamCop analyzes reported spam, and extracts details about the sending IP, the URLs contained in the spam, and the networks over which the spam message has transited. This information is used to create the SpamCop Block List (SCBL). The SCBL a list of IP addresses believed to
Publish At:2014-09-17 22:00 | Read:218392 | Comments:0 | Tags:Security hijack security spam Talos

Announce

Share high-quality web security related articles with you:)
Tell me why you support me <3

Tag Cloud