HackDig : Dig high-quality web security articles for hacker

Microsoft Considers Earlier SHA-1 Deprecation Deadline

Tech companies continue to back away from SHA-1 like it’s an infectious disease.Microsoft, which already had plans to deprecate the crusty cryptographic algorithm by the start of 2017, decided this week to move up that deadline six months. The company said it’s considering whether it will start blocking SHA-1-signed TLS certs in June 2016 instead
Publish At:2015-11-06 21:50 | Read:3131 | Comments:0 | Tags:Cryptography Microsoft Bruce Schneier Collision attacks Fire

Microsoft fixes critical vulnerabilities affecting Windows and Office

Microsoft has released the month’s Microsoft Patch Tuesday that has fixed 33 vulnerabilities, most of them critical and affecting Internet Explorer. Here we are to discuss the last month’s Microsoft Patch Tuesday that this month fixed for 33 vulnerabilities, most of them affecting Internet Explorer. The experts wa
Publish At:2015-10-15 10:15 | Read:3645 | Comments:0 | Tags:Breaking News Security Internet Explorer Microsoft Microsoft

VERT Threat Alert – October 2015 Patch Tuesday Analysis

Today’s VERT Alert addresses 6 new Microsoft Security Bulletins. VERT is actively working on coverage for these bulletins in order to meet our 24-hour SLA and expects to ship ASPL-638 on Wednesday, October 14th. Ease of Use (published exploits) to Risk TableAutomated ExploitEasyModerateDifficultExtremely DifficultNo Known ExploitMS15-107MS15-106MS15-108
Publish At:2015-10-14 14:25 | Read:3483 | Comments:0 | Tags:Vulnerability Management internet explorer microsoft Patch T

Video Saver PUP Blocks You From Changing Your Default Browser

A potentially unwanted program (PUP) called Video Saver, belonging to the Neobar family of browser hijackers, has been found to use a different trick to “convince” their victims to use their search engine “Search with us!”. It will show the victims a prompt to let them know there are restrictions in effect on their computer and to contact their system admini
Publish At:2015-10-08 01:40 | Read:3901 | Comments:0 | Tags:Security Threat hijack Internet Explorer Pieter Arntz policy

Microsoft Pushes a Dozen Security Updates

Microsoft today released a dozen security updates for computers running supported versions of its Windows operating system. Five of the patches fix flaws that could get PCs compromised with little to no help from users, and five of the bulletins have vulnerabilities that were publicly disclosed before today (including one that reportedly has been detected in
Publish At:2015-09-27 11:50 | Read:3063 | Comments:0 | Tags:Time to Patch Adobe Shockwave patch internet explorer Micros

This Week in Security: Data Dumps, IRS Breach Doubles, Spotify Overhauls Privacy Policy

Our security roundup series covers the week’s trending topics in the world of InfoSec. In this quick read summary, we’ll let you know of the latest reports and controversies that the industry has been talking about recently.Here’s what you don’t want to miss from the week of August 17th, 2015:The Ashley Madison hack went from bad to worse after the data that
Publish At:2015-08-22 04:25 | Read:3170 | Comments:0 | Tags:This Week in Security Ashley Madison China internet explorer

Emergency IE Patch Fixes Vulnerability Under Attack

Microsoft today released an emergency patch for all supported versions of Internet Explorer, including IE 11 running on the recently released Windows 10.Microsoft said in its advisory that the zero-day is being publicly exploited. Google security engineer Clement Lecigne is credited with reporting the issue. A request for comment to Lecigne was not returned
Publish At:2015-08-19 07:15 | Read:2774 | Comments:0 | Tags:Microsoft Vulnerabilities Web Security emergency patch EMET

IE Under Attack! Microsoft Releases Emergency Out-of-Band Patch

If Microsoft calls a vulnerability “critical,” warns that it affects all versions of Windows, and is prepared to issue a patch outside of its normal Patch Tuesday monthly schedule, you should sit up and listen.Today, Microsoft has issued an advisory about a zero-day vulnerability, dubbed CVE-2015-2502, that could allow an attacker to hijack contr
Publish At:2015-08-19 06:05 | Read:2724 | Comments:0 | Tags:Featured Articles Vulnerability Management internet explorer

Microsoft issues emergency patch for critical IE bug under active exploit

Microsoft has issued an emergency update for its Internet Explorer browser to patch a critical vulnerability attackers are actively exploiting to install malware on targeted computers.CVE-2015-2502, as the remote code-execution flaw is indexed, can be exploited when vulnerable computers visit booby-trapped websites or possibly when they open malicious HT
Publish At:2015-08-19 04:00 | Read:2159 | Comments:0 | Tags:Law & Disorder Risk Assessment Technology Lab exploits inter

Recent Internet Explorer Vulnerability Exploited in The Wild

A recently patched Internet Explorer vulnerability (CVE-2015-2419) has already made its way into the top exploit kit on the market, Angler EK, according to security firm FireEye. The flaw affects Internet Explorer version 6 all the way to 11 and was rated critical by Microsoft in its July 22nd security bulletin. Malwarebytes Anti-Exploit successfully blocks
Publish At:2015-08-12 09:45 | Read:4036 | Comments:0 | Tags:Exploits exploit IE Internet Explorer malwarebytes anti-expl

VERT Threat Alert: August 2015 Patch Tuesday Analysis

Today’s VERT Alert addresses 14 new Microsoft Security Bulletins. VERT is actively working on coverage for these bulletins in order to meet our 24-hour SLA and expects to ship ASPL-628 on Wednesday, August 12th.MS15-079Multiple Memory Corruption VulnerabilitiesMULTIPLEMultiple ASLR Bypass VulnerabilitiesMULTIPLEUnsafe Command Line Parameter Passing Vulnerabi
Publish At:2015-08-11 21:45 | Read:3079 | Comments:0 | Tags:Vulnerability Management internet explorer microsoft Microso

Windows 10’s New Browser Microsoft Edge: Improved, But Also New Risks

Last week we discussed how Microsoft Edge, the new browser in Windows 10, represented a significant increase in the security over Internet Explorer. However, there are also new potential threat vectors that aren’t present in older versions. Integrated plug-ins Microsoft Edge has now integrated two widely used plug-ins into the browser itself: Adobe Fla
Publish At:2015-07-30 02:10 | Read:4061 | Comments:0 | Tags:Vulnerabilities Internet Explorer Microsoft microsoft edge W

ZDI disclosed 4 zero-day vulnerabilities in Internet Explorer

The HP Zero Day Initiative has disclosed four new zero-day vulnerabilities in Internet Explorer that can be exploited by attackers to remotely execute code. The HP’s Zero Day Initiative has disclosed four new zero-day vulnerabilities in Internet Explorer that can be exploited by attackers to remotely execute code. The four zer
Publish At:2015-07-24 18:10 | Read:3730 | Comments:0 | Tags:Breaking News Hacking Internet Explorer Microsoft Mobile Pwn

Fully patched Internet Explorer for smartphones menaced by whopping 4 code-execution bugs (Updated)

Researchers at an HP security division have publicly detailed four code-execution vulnerabilities that can be used to hijack end-user smartphones running the latest versions of Microsoft's Internet Explorer browser.The disclosures earlier this week came more than six months after researchers from HP-owned TippingPoint first privately reported the bugs to
Publish At:2015-07-23 20:35 | Read:3242 | Comments:0 | Tags:Risk Assessment Technology Lab exploits internet explorer ma

Windows 10 Sharpens Browser Security With Microsoft Edge

Internet Explorer is possibly the most popular target for vulnerabilities around today. In 2014 alone, a total of 243 vulnerabilities in Internet Explorer were disclosed and patched. Every Microsoft Patch Tuesday cycle contains one bulletin that covers multiple IE vulnerabilities – the monthly “Cumulative Security Update for Internet ExplorerR
Publish At:2015-07-22 01:25 | Read:5180 | Comments:0 | Tags:Vulnerabilities Internet Explorer Microsoft microsoft edge W

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud