HackDig : Dig high-quality web security articles for hacker

Russian telco Rostelecom hijacks traffic for IT giants, including Google, Amazon and Facebook

Russian telco operator Rostelecom was involved in BGP hijacking incident that impacted hundreds of CDNs and cloud providers last week. Last week, Russia’s state-owned telco Rostelecom was involved in an apparent incident that hijacked the traffic for more than 200 content delivery networks (CDNs) and cloud hosting providers, including giants like Go
Publish At:2020-04-06 17:16 | Read:138 | Comments:0 | Tags:Breaking News Security hacking news information security new

DarkHotel APT uses VPN zero-day in attacks on Chinese government agencies

DarkHotel nation-state actor is exploiting a VPN zero-day to breach Chinese government agencies in Beijing and Shanghai Chinese security-firm Qihoo 360 has uncovered a hacking campaign conducted by a DarkHotel APT group (APT-C-06) aimed at Chinese government agencies in Beijing and Shanghai. State-sponsored hackers used a zero-day vulnerability in Sangfor
Publish At:2020-04-06 17:16 | Read:96 | Comments:0 | Tags:APT Breaking News Hacking Intelligence Malware backdoor malw

Key Ring digital wallet exposes data of 14 Million users in data leak

vpnMentor researchers discovered that the popular digital wallet application Key Ring exposed data belonging to millions of users in a huge data leak. The digital wallet application Key Ring recently exposed information from its 14 million users. Key Ring is a mobile application that allows users to create a digital wallet on their devices and us
Publish At:2020-04-06 17:16 | Read:71 | Comments:0 | Tags:Breaking News Data Breach data leak Hacking information secu

ENISA released a Tool to map dependencies to International Standards

The European Agency for Cybersecurity ENISA has released a tool for the mapping of international security standards to interdependencies’ indicators. ENISA has released a tool for the mapping of international security standards to interdependencies’ indicators that have been introduced and demonstrated in the report Good practices on interdependencies bet
Publish At:2020-04-06 17:16 | Read:107 | Comments:0 | Tags:Breaking News Security ENISA information security news it se

Experts uncovered hidden behavior in thousands of Android Apps

A group of security researchers has found thousands of Android apps containing hidden backdoors and blacklists. Researchers from The Ohio State University, New York University, and CISPA Helmholtz Center for Information Security analyzed thousands of mobile applications for Android and discovered dangerous behavior, including backdoors and blacklists.
Publish At:2020-04-05 14:48 | Read:118 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware Mobile Android bac

Coronavirus-themed attacks March 29 – April 04, 2020

In this post, I decided to share the details of the Coronavirus-themed attacks launched from March 29 to April 04, 2020. Threat actors exploit the interest in the COVID19 outbreak while infections increase worldwide, experts are observing new campaigns on a daily bases. Below a list of attacks detected this week. March 30, 2020 – Your colleagu
Publish At:2020-04-05 06:40 | Read:86 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware Security coronavir

Security Affairs newsletter Round 258

A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Coronavirus-themed attacks March 22 – March 28, 2020FIN7 hackers target enterprises with weaponized USB drives via USPSSource code of Dharma ransomware now surfacing on public hacking forumsCrooks leverage Zooms popularity in Coronavirus outbreak to serve malware
Publish At:2020-04-05 06:05 | Read:61 | Comments:0 | Tags:Breaking News Cyber Crime Cyber warfare Hacking Intelligence

New Coronavirus-themed campaign spread Lokibot worldwide

Researchers spotted a new Coronavirus-themed attack, the messages pretend to be sent from the World Health Organization to deliver Lokibot infostealer. Security experts at FortiGuard Labs discovered a new Coronavirus-themed campaign using alleged messages from the World Health Organization (WHO) to deliver the LokiBot trojan. The campaign was uncovered
Publish At:2020-04-04 19:08 | Read:159 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware coronavirus covid1

100,000 WordPress sites using the Contact Form 7 Datepicker plugin are exposed to hack

An authenticated stored cross-site scripting (XSS) vulnerability could allow attackers to create rogue admins on WordPress sites using Contact Form 7 Datepicker plugin. Administrators of WordPress sites using the Contact Form 7 Datepicker plugin are recommended to remove or deactivate it to prevent attackers from exploiting a stored cross-site scripting (
Publish At:2020-04-04 15:18 | Read:12 | Comments:0 | Tags:Breaking News Hacking Contact Form 7 Datepicker hacking news

Twitter discloses privacy issue that caused caching of files sent via DMs in Firefox

Twitter discloses a privacy issue in the way the Mozilla Firefox cached private files sent or received via DM for up to 7 days. Twitter admitted that the private files sent via Twitter DMs were cached inside the users’ Firefox browsers for up to seven days, even if users have logged off. The problem is related to the way the Mozilla Firefox web b
Publish At:2020-04-04 15:17 | Read:62 | Comments:0 | Tags:Breaking News Digital ID Security Social Networks Firefox in

Magecart group 7 use new e-skimmer to steal payment data

RiskIQ researchers spotted a new ongoing Magecart campaign that already compromised at least 19 different e-commerce websites. Researchers from security firm RiskIQ have uncovered a new ongoing Magecart campaign that already compromised at least 19 different e-commerce websites to steal customers’ payment card data. The experts discovered a new s
Publish At:2020-04-04 15:17 | Read:18 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware Cybercrime hacking

Hacking iPhone or MacBook devices by tricking into visiting a site

Bad news for Apple iPhone or MacBook users, attackers could hack their device’s camera by tricking them into visiting a website. The ethical hacker Ryan Pickren demonstrated that it is possible to hack Apple iPhone or MacBook users by simply tricking them into visiting a website with the Safari browser. Pickren reported seven vulnerabilities to A
Publish At:2020-04-04 15:17 | Read:71 | Comments:0 | Tags:Hacking Apple information security news macOS Pierluigi Paga

Microsoft’s case study: Emotet took down an entire network in just 8 days

Microsoft declared that an Emotet attack took down an organization’s network by overheating all the computers and bringing its Internet access down. Microsoft shared details of the Emotet attack suffered by an organization named Fabrikam in the Microsoft’s Detection and Response Team (DART) Case Report 002, where Fabrikam is a fake name the I
Publish At:2020-04-04 15:17 | Read:100 | Comments:0 | Tags:Breaking News Hacking EMOTET information security news it se

Hackers exploited IE and Firefox flaws in attacks on entities in China, Japan

An APT group is exploiting the flaws patched earlier this year in Firefox and Internet Explorer in attacks aimed at China and Japan. An APT group is exploiting two vulnerabilities patched earlier this year in Firefox and Internet Explorer in attacks aimed at China and Japan. The first issue, tracked as CVE-2019-17026, affects the Firefox browser and wa
Publish At:2020-04-02 17:58 | Read:151 | Comments:0 | Tags:Breaking News Hacking China Firefox IE information security

Microsoft issues targeted notification to hospitals vulnerable to Ransomware attacks

Microsoft is sending notifications to dozens of hospitals about vulnerable VPN devices and gateways exposed online in their network. Microsoft is warning dozens of hospitals of the risks of ransomware attacks due to insecure VPN devices and gateways exposed online. Recently Microsoft has published details about human-operated ransomware attacks that ta
Publish At:2020-04-02 06:11 | Read:165 | Comments:0 | Tags:Breaking News Cyber Crime Security COVID Hacking human-opera

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud