HackDig : Dig high-quality web security articles for hackers

Is TikTok going to be banned?

TikTok, one of the most downloaded apps of 2019 in the USA, is on the brink of getting banned due to security concerns. President Trump initially stated that the app would be prohibited within 48 hours. However, Microsoft stepped in and expressed interest in purchasing it instead. The President then delayed the decision to get rid of the Chinese app for good
Publish At:2020-08-05 06:45 | Read:59 | Comments:0 | Tags:Mobile News Social Media apps Microsoft TikTok

Tripwire Patch Priority Index for July 2020

Tripwire’s July 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, F5 Networks, Cisco, and Oracle.Up first on the patch priority list this month are patches for F5 Networks and Cisco for vulnerabilities that have been integrated into various Exploits. Metasploit has recently added exploits for F5 Networks’ B
Publish At:2020-08-03 08:24 | Read:93 | Comments:0 | Tags:Featured Articles VERT Cisco critical vulnerability F5 Netwo

Phishing Email Uses Google Ad Redirect to Steal Microsoft Credentials

Security researchers came across a phishing email that used a Google Ad redirect as a part of its efforts to steal victims’ Microsoft credentials.Cofense found that the email originated from the legitimate email address “info@jtpsecurity[.]co[.]za.” The security firm reasoned that attackers had compromised that email account and abused their access to
Publish At:2020-07-31 10:54 | Read:147 | Comments:0 | Tags:IT Security and Data Protection Latest Security News Google

Zimperium Protects Mobile Users from Microsoft O365 SharePoint Phishing Attack

According to Data Breach Today, “fraudsters are mimicking automated messages from Microsoft SharePoint for a phishing campaign that attempts to steal Office 365 credentials.” The malicious emails reached about 50,000 inboxes so far, and the campaign may still be active, per Abnormal Security, the company that identified the phishing campaign. While learning
Publish At:2020-07-30 16:34 | Read:95 | Comments:0 | Tags:Mobile Security Microsoft Mobile security phishing

Microsoft seizes control of domains used in phishing attacks

Compromised or malicious websites are a main channel for the propagation of malware infections for all kinds of devices. Simply avoiding dubious websites reduces your chances of being infected by malware, yet the real problem is often that we are unaware that we are running this risk. According to the latest data, 91 percent of all attacks begin with a phish
Publish At:2020-07-24 06:00 | Read:120 | Comments:0 | Tags:Adaptive Defense News b2b covid-19 Microsoft Phishing

PoC Released for Critical CVE-2020-1147 flaw, SharePoint servers exposed to hack

Expert release a PoC exploit code for a recently addressed critical flaw in Microsoft SharePoint, .NET Framework, and Visual Studio. CVE-2020-1147 is a critical vulnerability in .NET Framework, SharePoint, and Visual Studio that was recently addressed by Microsoft with the release of the July 2020 Patch Tuesday security updates. The flaw is caused by t
Publish At:2020-07-23 14:06 | Read:128 | Comments:0 | Tags:Breaking News Hacking CVE-2020-1147 hacking news information

Patch now! SIGRED – the wormable hole in your Windows servers

byPaul DucklinYesterday was Patch Tuesday, and with 123 bugs fixed, including 20 in the “critical” category, we’re saying what we always do, namely, “Patch early, patch often.”As often happens, however, one BWAIN – that’s shorthand for Bug With An Impressive Name – found in the Windows DNS server is flying high
Publish At:2020-07-15 13:44 | Read:170 | Comments:0 | Tags:Microsoft Vulnerability BWAIN Exploit SIGRED vulnerability W

Patch Tuesday: Fixes for ‘Wormable’ Windows DNS Server RCE, SharePoint Flaws

There has been a common vulnerabilities and exposures (CVE) fixing trend in 2020 Patch Tuesdays. For instance, Microsoft has patched roughly more than 100 vulnerabilities per month in recent bulletins. Similarly, the July update issues 123 patches, including fixes in RemoteFX vGPU, Microsoft Office, Microsoft Windows, OneDrive, and Jet Database Engine. The p
Publish At:2020-07-15 02:56 | Read:102 | Comments:0 | Tags:Exploits Vulnerabilities Microsoft Office SharePoint Windows

Microsoft releases emergency security updates to fix Windows codecs

Microsoft has silently released an emergency security update through the Windows Store app to address two vulnerabilities in Windows codecs. Microsoft has silently released two out-of-band security updates through the Windows Store app to address two vulnerabilities in the Windows Codecs Library. The two issues are remote code execution vulnerabilities
Publish At:2020-07-01 17:02 | Read:428 | Comments:0 | Tags:Breaking News Hacking Security hacking news information secu

Tripwire Patch Priority Index for June 2020

Tripwire’s June 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, BIND and Oracle.Up first on the Patch Priority Index this month are patches for Microsoft, BIND and Oracle for vulnerabilities that have been integrated into various Exploits. Metasploit has recently added exploits for BIND (CVE-2020-8617), Oracle
Publish At:2020-06-24 18:40 | Read:217 | Comments:0 | Tags:VERT News microsoft patch priority index vulnerability

A zero-day guide for 2020: Recent attacks and advanced preventive techniques

Zero-day vulnerabilities enable threat actors to take advantage of security blindspots. Typically, a zero-day attack involves the identification of zero-day vulnerabilities, creating relevant exploits, identifying vulnerable systems, and planning the attack. The next steps are infiltration and launch.  This article examines three recent zero-day atta
Publish At:2020-06-23 14:30 | Read:152 | Comments:0 | Tags:Exploits and vulnerabilities artificial intelligence EDR end

Turn on MFA Before Crooks Do It For You

Hundreds of popular websites now offer some form of multi-factor authentication (MFA), which can help users safeguard access to accounts when their password is breached or stolen. But people who don’t take advantage of these added safeguards may find it far more difficult to regain access when their account gets hacked, because increasingly thieves wil
Publish At:2020-06-19 17:21 | Read:291 | Comments:0 | Tags:Latest Warnings Security Tools Dennis Dayman microsoft multi

Facial recognition: tech giants take a step back

Last week, a few major tech companies informed the public that they will not provide facial recognition software to law enforcement. These companies are concerned about the way in which their technology might be used. What happens when software that threatens our privacy falls into the hands of organization which we no longer trust? In general, being awar
Publish At:2020-06-18 13:50 | Read:271 | Comments:0 | Tags:Artificial Intelligence Privacy ACLU AI amazon biometrics EF

Why Mobile Threat Defense is an Absolute Requirement to Protect O365/Teams Users & Zero Trust Efforts

Government agencies’ usage of Microsoft Office 365 and Teams has skyrocketed (over 900% for some agencies). Unfortunately, the cyber threats to the GFE and BYOD mobile devices that are accessing O365 has also significantly increased. Without implementing mobile threat defense (MTD) solutions, agencies and their “Zero Trust” initiatives are exposed and
Publish At:2020-06-16 14:44 | Read:164 | Comments:0 | Tags:Mobile Threat Defense Endpoint Manager Microsoft mobile thre

Microsoft Azure users leave front door open for cryptomining crooks

byDanny BradburyRemember when as a server operator all you had to worry about were people scanning for open ports and then stealing secrets via telnet shells? Those were the days, eh?Things got a lot more complicated when the cloud got popular. Now, hackers are gaining access to cloud-based systems via the web, and they’re using them to mine for cryptocurren
Publish At:2020-06-15 11:46 | Read:211 | Comments:0 | Tags:Cryptocurrency Microsoft cryptomining Istio Kubeflow Kuberne


Share high-quality web security related articles with you:)


Tag Cloud