HackDig : Dig high-quality web security articles for hackers

Pan-Asian retail giant Dairy Farm suffers REvil ransomware attack

Source: Wing1990hkMassive pan-Asian retail chain operator Dairy Farm Group was attacked this month by the REvil ransomware operation. The attackers claim to have demanded a $30 million ransom.The Dairy Farm Group operates over 10,000 outlets and has 230,000 employees throughout Asia. In 2019, the Dairy Farm Group's total annual sales exceeded $27 b
Publish At:2021-01-26 17:13 | Read:17 | Comments:0 | Tags:Security ransomware

New Linux SUDO flaw lets local users gain root privileges

A now-fixed Sudo vulnerability allowed any local user to gain root privileges on Unix-like operating systems without requiring authentication.Sudo is a Unix program that enables system admins to provide limited root privileges to normal users listed in the sudoers file, while at the same time keeping a log of their activity.It works on the Principle of Least
Publish At:2021-01-26 17:13 | Read:69 | Comments:0 | Tags:Security Linux privilege

More Cybersecurity Firms Confirm Being Hit by SolarWinds Hack

Cybersecurity companies Mimecast and Qualys have apparently been targeted by the threat actor that breached the systems of IT management solutions provider SolarWinds as part of a sophisticated supply chain attack. Fidelis Cybersecurity has also confirmed being hit, but it’s unclear if it was specifically targeted.Email security company Mimecast reported a c
Publish At:2021-01-26 15:35 | Read:62 | Comments:0 | Tags:Cyberwarfare NEWS & INDUSTRY Virus & Threats Inciden

Mimecast links security breach to SolarWinds hackers

Email security company Mimecast has confirmed today that the threat actor behind the SolarWinds supply-chain attack is behind the security breach it disclosed earlier this month."Our investigation has now confirmed that this incident is related to the SolarWinds Orion software compromise and was perpetrated by the same sophisticated threat actor," Mimecast s
Publish At:2021-01-26 13:19 | Read:79 | Comments:0 | Tags:Security security hack

CISO Conversations: Intel, Cisco Security Chiefs Discuss the Making of a Great CISO

In this installment of SecurityWeek’s CISO Conversations series, we talk to two veteran security leaders in the technology sector: Brent Conran, CISO at Intel Corp., and Chris Leach, Senior CISO Advisor at Cisco Systems. The purpose, as always in this series, is to understand what makes a successful modern CISO.Organizational hierarchyThe enduring quest
Publish At:2021-01-26 11:41 | Read:127 | Comments:0 | Tags:NEWS & INDUSTRY Risk Management Management & Strateg

Mainframe Security Automation Is Not a Luxury

As cyber threats grow, even the most securable platform is vulnerable and requires adaptive autonomous protection.Business and IT leaders alike realize cybersecurity threats are constantly evolving in today's digital economy. This even applies to the most securable platform, the mainframe. Sixty-three percent of mainframe executives and practitioners cited s
Publish At:2021-01-26 11:38 | Read:85 | Comments:0 | Tags: security

Mastercard Introduces Quantum-Resistant Specs to Enhance Contactless Security

Credit card firm Mastercard has unveiled new quantum-resistant standards that are designed to enhance the security and privacy of contactless payments.As a result of the move, Mastercard will become the first payments network to bring quantum-era security and privacy to contactless payments. The Enhanced Contactless (Ecos) specifications have been introduced
Publish At:2021-01-26 10:38 | Read:150 | Comments:0 | Tags: security

TikTok fixes flaws allowing theft of private user information

Image: Christoph ScholzByteDance, the tech firm behind TikTok, has addressed a security vulnerability in the video-sharing social networking service which could have allowed attackers to steal users' private personal information.TikTok has servers in the countries where its iOS and Android apps operate and it is u
Publish At:2021-01-26 09:25 | Read:150 | Comments:0 | Tags:Security

Google fixes severe Golang Windows RCE vulnerability

This month Google engineers have fixed a severe remote code execution (RCE) vulnerability in the Go language (Golang).The RCE vulnerability, CVE-2021-3115, mainly impacts Windows users of Go running the go get command, due to the default behavior of Windows PATH lookups.RCE from PATH lookups in untrusted directoriesRecently, Japan-ba
Publish At:2021-01-26 09:25 | Read:74 | Comments:0 | Tags:Security Software Vulnerability

North Korea-linked campaign targets security experts via social media

Google TAG is warning that North Korea-linked hackers targeting security researchers through social media. Google Threat Analysis Group (TAG) is warning that North Korea-linked hackers targeting security researchers through social media. According to the Google team that focuses on nation-state attacks, a North Korea-linked APT group has targeted exper
Publish At:2021-01-26 09:06 | Read:155 | Comments:0 | Tags:APT Breaking News Hacking Malware hacking news information s

North Korean hackers are targeting security researchers with malware, 0-days

A North Korean government-backed hacking group targets security researchers who focus on vulnerability and exploit development via social networks, disclosed Google tonight.According to a report released tonight by Google's Threat Analysis Group, a North Korean government-backed hacking group uses social networks to target security researchers and infect the
Publish At:2021-01-26 01:37 | Read:112 | Comments:0 | Tags:Security Google security hack

Google Warning: North Korean Gov Hackers Targeting Security Researchers

Google late Monday raised the alarm about a “government-backed entity based in North Korea” targeting -- and hacking into -- computer systems belonging to security researchers.Google’s Threat Analysis Group (TAG), a team that monitors global APT activity, said the ongoing campaign is aimed at security researchers working on vulnerability research and develop
Publish At:2021-01-25 23:59 | Read:104 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Appli

Beware of active UK NHS COVID-19 vaccination phishing campaign

A very active phishing campaign is underway pretending to be from the UK's National Health Service (NHS), alerting recipients that they are eligible to receive the COVID-19 vaccine.Today, numerous Twitter users began reporting that they received this phishing email, with some being in the right age group to be eligible and thus falling for the scam.There are
Publish At:2021-01-25 21:43 | Read:173 | Comments:0 | Tags:Security

Dutch police arrested two people for the illegal sale of COVID-19 patient data

Dutch police arrested two individuals for allegedly selling COVID-19 patient data stolen from the Dutch health ministry. Dutch police have arrested two individuals in the country for selling COVID-19 patient data stolen from the national COVID-19. The availability of COVID-19 patient data in the cybercrime underground was spotted by the RTL Nieuws rep
Publish At:2021-01-25 21:24 | Read:93 | Comments:0 | Tags:Breaking News Cyber Crime Data Breach Hacking Security coron

Leading crane maker Palfinger hit in global cyberattack

Leading crane and lifting manufacturer Palfinger is targeted in an ongoing cyberattack that has disrupted IT systems and business operations.Palfinger is a leading maker of crane and lifting solutions commonly used for construction, and land and sea lifting, loading, and handling solutions.Palfinger is an Austrian company with over 11,000 employees over
Publish At:2021-01-25 17:49 | Read:100 | Comments:0 | Tags:Security cyber

Tools

Tag Cloud