HackDig : Dig high-quality web security articles

Nagios XI Remote Code Execution

### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient include Msf::Exploit::Remote::HTTP::NagiosXi include Msf::Exploit::CmdStager include Msf::Exploit::FileDrop
Publish At:2021-04-15 16:12 | Read:181 | Comments:0 | Tags: IOS

Apple devices get urgent patch for zero-day exploit – update now!

byPaul DucklinApple has just pushed out an emergency “one-bug” security update for its mobile devices, including iPhones, iPads and Apple Watches.Even users of older iPhones and iPads who are still on the officially-supported iOS 12 version need to patch, so the versions you should be updating to are as follows:iOS 14 (recent iPhones): update to
Publish At:2021-04-07 10:24 | Read:123 | Comments:0 | Tags:Apple Apple Safari iOS Vulnerability CVE-2021-1879 Exploit i

CISA, FBI Warn of Attacks Targeting Fortinet FortiOS

The U.S. government is warning that Advanced Persistent Threat (APT) actors are exploiting vulnerabilities in Fortinet FortiOS in ongoing attacks targeting commercial, government, and technology services networks.The warning, issued in a joint advisory by FBI and the Cybersecurity and Infrastructure Security Agency (CISA), follows the recent release of
Publish At:2021-04-05 13:28 | Read:243 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Appli

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

FBI and CISA published a joint alert to warn of advanced persistent threat (APT) groups targeting Fortinet FortiOS to access networks of multiple organizations. The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) published a joint alert to warn of attacks carried out by APT groups targeting Fortinet Fo
Publish At:2021-04-02 20:27 | Read:338 | Comments:0 | Tags:APT Breaking News Hacking CISA FBI Fortinet FortiOS hacking

FBI and CISA warn of state hackers attacking Fortinet FortiOS servers

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) warn of advanced persistent threat (APT) actors targeting Fortinet FortiOS servers using multiple exploits.In the Joint Cybersecurity Advisory (CSA) published today, the agencies warn admins and users that the state-sponsored hacking
Publish At:2021-04-02 16:52 | Read:243 | Comments:0 | Tags:Security IOS FBI CISA hack

FBI & CISA Warn of Active Attacks on FortiOS Vulnerabilities

A joint advisory warns admins of the likelihood of APT groups exploiting three vulnerabilities in the Fortinet FortiOS.The FBI and Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) today issued a joint advisory warning admins of active exploits targeting three vulnerabilities in Fortinet FortiOS.Related Content:Microso
Publish At:2021-04-02 15:10 | Read:248 | Comments:0 | Tags: IOS FBI CISA

Microsoft kills off the Cortana app for Android and iOS

​While Cortana is evolving and it's here to stay, it's no secret that most people prefer Google Assistant, Siri, and even Amazon Alexa over Microsoft's digital assistant.Microsoft's digital assistant Cortana was first unveiled with Windows Phones, and it was later introduced on Android and iOS.Microsoft had even offered Cortana in its Microsoft Launche
Publish At:2021-03-31 18:00 | Read:205 | Comments:0 | Tags:Microsoft Software IOS android

How to Remove Wi-Fi Networks from Your Mac and iOS Device

If you travel regularly with your Mac or iOS device, you likely find yourself connecting to new Wi-Fi networks: at airports, in train stations, in hotels, restaurants, pubs, or at clients’ offices. Whether you connect to these networks with your Mac, iPhone, or iPad, miraculously, your devices will remember these networks and sync them via iCloud — s
Publish At:2021-03-30 12:30 | Read:205 | Comments:0 | Tags:How To Mac Wi-Fi Networks WiFi IOS

Apple Patches Under-Attack iOS Zero-Day

Apple has shipped an urgent security update to fix a major security flaw affecting iPhone, iPad and Apple Watch devices alongside a warning that the vulnerability is being actively exploited in the wild.The new iOS 14.4.2 was released on Friday with yet another band-aid for Apple’s flagship iOS platform and the company said it was “aware of reports that an e
Publish At:2021-03-26 19:16 | Read:310 | Comments:0 | Tags:Cyberwarfare Endpoint Security Mobile Security Network Secur

Apple Patches iOS Zero-Day

Apple today released iOS 14.4.2 to address a security vulnerability that may have been actively exploited.Apple today released iOS 14.4.2 and iPadOS 14.4.2 to address a security problem in WebKit. Reports indicate the issue may have been exploited in the wild, the company states.Related Content:Apple Patches Three iOS Zero-Day VulnerabilitiesSpecial Report:
Publish At:2021-03-26 19:13 | Read:214 | Comments:0 | Tags: IOS

Apple fixes iOS zero-day vulnerability exploited in the wild

Apple has released security updates to address an iOS zero-day bug actively exploited in the wild and affecting iPhone, iPad, iPod, and Apple Watch devices."Apple is aware of reports that an exploit for this issue exists in the wild," the company said in a security advisory published today.The vulnerability tracked as CVE-2021-1879 was reported by Cleme
Publish At:2021-03-26 17:00 | Read:213 | Comments:0 | Tags:Security Apple IOS Vulnerability exploit

APPLE-SA-2021-03-26-1 iOS 14.4.2 and iPadOS 14.4.2

-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256APPLE-SA-2021-03-26-1 iOS 14.4.2 and iPadOS 14.4.2iOS 14.4.2 and iPadOS 14.4.2 addresses the following issue. Information about the security content is also available athttps://support.apple.com/HT212256.WebKitAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2and later, iPad 5th generation and
Publish At:2021-03-26 16:44 | Read:369 | Comments:0 | Tags: IOS

APPLE-SA-2021-03-26-2 iOS 12.5.2

-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256APPLE-SA-2021-03-26-2 iOS 12.5.2iOS 12.5.2 addresses the following issue. Information about the security content is also available athttps://support.apple.com/HT212257.WebKitAvailable for: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPadmini 2, iPad mini 3, and iPod touch (6th generation)Impact: Processing mali
Publish At:2021-03-26 16:44 | Read:359 | Comments:0 | Tags: IOS

Cisco Jabber for Windows, macOS, Android and iOS is affected by a critical issue

Cisco has addressed a critical arbitrary program execution flaw in its Cisco Jabber client software for Windows, macOS, Android, and iOS. Cisco has addressed a critical arbitrary program execution issue, tracked as CVE-2021-1411, that affects several versions of Cisco Jabber client software for Windows, macOS, Android, and iOS. Cisco Jabber delivers in
Publish At:2021-03-24 21:43 | Read:248 | Comments:0 | Tags:Breaking News Security IOS android

How to enable Facebook’s hardware key authentication for iOS and Android

Since 2017 desktop users have had the opportunity to use physical security keys to log in to their Facebook accounts. Now iOS and Android users have the same option too. Physical security keys are a more secure option for two-factor authentication (2FA) than SMS (which is vulnerable to SIM swap attacks and phishing), and apps that generate codes or push noti
Publish At:2021-03-22 21:24 | Read:235 | Comments:0 | Tags:How-tos 2fa facebook mfa security keys IOS android