HackDig : Dig high-quality web security articles for hackers

Data Security Startup Qohash Raises $6 Million

Canadian data security startup Qohash this week announced it raised CAD 8 million (approximately USD $6.3 million) in Series A funding. The financing was led by FINTOP Capital.Founded in 2018, the Quebec-based company provides customers with solutions focused on data discovery and classification, helping enterprises monitor data across their environments. Fu
Publish At:2021-01-15 18:17 | Read:98 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Appli

Microsoft Reminds Organizations of Upcoming Phase in Patching Zerologon Vulnerability

Microsoft this week published a reminder for organizations that a February 9 security update will kick off the second phase of patching for the Zerologon vulnerability.Tracked as CVE-2020-1472 and addressed on August 2020 Patch Tuesday, the critical vulnerability was identified in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC) and can be abused to
Publish At:2021-01-15 11:45 | Read:143 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response Vulnerabilities Manage

Facebook Takes Legal Action Against Data Scrapers

Facebook on Thursday announced that it took legal action against two individuals for scraping data from its website.In a lawsuit filed in Portugal, Facebook Inc. and Facebook Ireland seek permanent injunction against the two for violation of the social media platform’s terms of service and Portugal’s Database Protection Law.The social media giant says that t
Publish At:2021-01-15 10:29 | Read:91 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Virus & Threats Fr

RisingSun: Decoding SUNBURST C2 to Identify Infected Hosts Without Network Telemetry

Nearly three weeks after news regarding the widespread compromise of SolarWinds Orion customers became public, TrustedSec continues to receive inquiries from clients seeking more granular detail about the nature of the compromise. In most cases, clients have received a list of command and control (C2) domains from a major vendor and require assistance in
Publish At:2021-01-14 17:54 | Read:164 | Comments:0 | Tags:Incident Response Incident Response & Forensics

Capcom Says Personal Data of Thousands More Stolen in Ransomware Attack

Video game giant Capcom this week revealed that thousands more people than initially believed had their personal information stolen in a ransomware attack in November 2020.Known for video games such as Devil May Cry, Monster Hunter, Resident Evil, Street Fighter, Ace Attorney and Mega Man, the Japanese company has operations in Asia, Europe, and the United S
Publish At:2021-01-14 11:05 | Read:162 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response Cybercrime Management

Official: Number of Victims of Russian Hack Likely to Grow

The number of federal agencies and private companies who learn that they have been affected by a massive Russian hack is expected to grow as the investigation into it continues, the U.S. government’s chief counterintelligence official said Tuesday.The FBI and other agencies last week attributed the intrusions to Russia as part of what officials described as
Publish At:2021-01-13 15:35 | Read:90 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response hack

New Zealand Central Bank Says Accellion Service at Heart of Cyberattack

The Reserve Bank of New Zealand – Te Pūtea Matua – says Accellion’s FTA (File Transfer Application) file sharing service was involved in a security incident disclosed on Sunday.The malicious incident, the bank said, involved a service that stored commercially and personally sensitive information, but could not provide specific details on the type of data tha
Publish At:2021-01-13 15:35 | Read:158 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response Vulnerabilities Cyberc

Mimecast Discloses Certificate Incident Possibly Related to SolarWinds Hack

Email security company Mimecast on Tuesday revealed that a sophisticated threat actor had obtained a certificate provided to certain customers.According to Mimecast, it learned from Microsoft that hackers had compromised a certificate used to authenticate Mimecast Continuity Monitor, Internal Email Protect (IEP), and Sync and Recover products with Microsoft
Publish At:2021-01-13 11:41 | Read:112 | Comments:0 | Tags:Cyberwarfare NEWS & INDUSTRY Email Security Incident Res

Hackers Publish COVID-19 Vaccine Data Stolen From EU Medicines Agency

Hackers have started leaking documents related to COVID-19 medicine and vaccines that were stolen from the European Medicines Agency (EMA) in early December 2020.The data breach resulted in “a limited number of documents belonging to third parties” being unlawfully accessed, EMA announced on December 11. An investigation was immediately launched into the inc
Publish At:2021-01-13 11:41 | Read:88 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response Data Protection Cyberc

Microsoft Patch Tuesday: 83 Vulnerabilities, 10 Critical, 1 Actively Exploited

Microsoft on Tuesday released the first batch of security patches for 2021 with fixes for 83 documented security vulnerabilities, including a "critical" bug in the Defender security product that's being actively exploited.Security experts are urging security response personnel to pay special attention to CVE-2021-1647, which describes a remote code execution
Publish At:2021-01-12 16:11 | Read:133 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Virus

SAP Patches Serious Code Injection, DoS Vulnerabilities

German software maker SAP has published 10 advisories to document flaws and fixes for a range of serious security vulnerabilities.SAP also published a total of 7 other updates for previously released security notes on this month’s Patch Day, for a total of 17 Notes. Five of these carry the highest severity rating of Hot News.Dealing with multiple vulnerabili
Publish At:2021-01-12 16:11 | Read:144 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Appli

Ubiquiti Tells Users to Change Passwords After Breach at Cloud Provider

American technology company Ubiquiti this week revealed that one of its third-party cloud providers suffered a data breach.Founded in 2005, the New York City-based company manufactures wired and wireless data communication products for both corporate and home users, including routers, security cameras, network video recorders, and other Internet of Things de
Publish At:2021-01-12 12:17 | Read:139 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response Cloud Security Data Pr

Intel Packs Ransomware Detection Directly Into vPro Platform

At the virtual Consumer Electronics Show (CES) on Monday, chipmaker Intel announced CPU-based ransomware detection capabilities has been fitted directly into the Intel vPro platform.  Increasingly targeting businesses, ransomware has become the most prominent threat to enterprises, requiring advanced solutions to keep their data and the data of the
Publish At:2021-01-12 12:17 | Read:183 | Comments:0 | Tags:Disaster Recovery Endpoint Security NEWS & INDUSTRY Appl

NSA Publishes Cybersecurity Year in Review Report

The United States National Security Agency (NSA) has released its 2020 Cybersecurity Year in Review report, which summarizes the NSA Cybersecurity Directorate's first full year of operation.The Cybersecurity Directorate was formally announced in July 2019, with a focus on protecting national security networks and the defense industrial base. Led by Ms. Anne
Publish At:2021-01-12 00:35 | Read:169 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response Risk Management securi

Decryptor Released for Ransomware That Allegedly Helped Cybercriminals Make Millions

Bitdefender on Monday announced the availability of a free tool that organizations can use to recover files encrypted by DarkSide, a piece of ransomware that cybercriminals claim helped them make millions.DarkSide is a ransomware-as-a-service (RaaS) offering that was first announced on cybercrime forums in August 2020. DarkSide operators have been making mon
Publish At:2021-01-11 16:47 | Read:138 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Incident Response Viru


Tag Cloud