HackDig : Dig high-quality web security articles for hacker

BotConf 2019 Wrap-Up Day #3

It’s a classic issue for BotConf attendees, the last day is always a little bit stronger due to the social event organized every Thursday night. This year, we are in the French area where good wines are produced and the event took place at the “Cité du Vin”. The night was short but I was present at the first talk! Ready as usual! The first talk was “
Publish At:2019-12-06 15:20 | Read:80 | Comments:0 | Tags:Event Security Bordeaux Botconf Conference Malware

BotConf 2019 Wrap-Up Day #2

The second day is over. Here is my daily wrap-up. Today was a national strike day in France and a lot of problems were expected with public transports. However, the organization provided buses to help attendees to travel between the city center and the venue. Great service as always
Publish At:2019-12-05 20:20 | Read:127 | Comments:0 | Tags:Event Security Bordeaux Botconf Botnet

BotConf 2019 Wrap-Up Day #1

Hello from Bordeaux, France where I’m attending the 7th edition (already!) of the BotConf security conference dedicated to fighting against botnets. After Nantes, Nancy, Paris, Lyon, Montpellier, Toulouse and now Bordeaux, their “tour de France” is almost completed. What will be the next location? I attended all the previous editions and many wrap-up’s are a
Publish At:2019-12-04 20:20 | Read:140 | Comments:0 | Tags:Event Security Botconf

Explained: What is containerization?

Containerization. Another one of those tech buzzwords folks love to say but often have no idea what it means. A better way to organize children’s toys? The act of bringing tupperware out to dinner to safely transport home leftovers? Another name for Russian dolls? Containerization is, of course, none of those things. But its definition might be best
Publish At:2019-12-04 16:50 | Read:144 | Comments:0 | Tags:Explained cloud containerization containers instances manage

How safe are public USB charging stations?

Back in November, the Los Angeles District Attorney’s Office distributed an advisory about a new way criminal use public USB chargers to steal data called ‘juice jacking.’ The Los Angeles District Attorney pointed out that travelers must be cautious when using public USB power charging stations. According to government officials, charging a
Publish At:2019-12-04 10:35 | Read:83 | Comments:0 | Tags:Mobile News Security cybersecurity tips

Tornados, Necessity, and the Evolution of Mitigating Controls

According to the National Oceanic and Atmospheric Administration (NOAA), a tornado (also called a twister, whirlwind, or cyclone) is a violently rotating column of air that extends from a thunderstorm and comes into contact with the ground. Tornado intensity is measured by the enhanced Fujita (EF) scale from 0 through 5, based on the amount and type of wind
Publish At:2019-12-02 15:30 | Read:244 | Comments:0 | Tags:Articles controls history mitigating controls safety securit

PureLocker: the unusual ransomware that encrypts servers

In 2019, the resurgence of ransomware is still in full swing. Since the beginning of the year, a veritable litany of companies and organizations have suffered at the hands of this kind of malware: local governments, manufacturers, hospitals, producers, critical infrastructure… While we know who the victims of these ransomware attacks are, more often th
Publish At:2019-11-30 09:15 | Read:80 | Comments:0 | Tags:Business Security advanced cybersecurity Ransomware

DeepSec 2019 Wrap-Up Day #1

Hello from Vienna where I’m at the DeepSec conference. Initially, I was scheduled to give my OSSEC training but it was canceled due to a lack of students. Anyway, the organizers proposed to me to join (huge thanks to them!). So, here is a wrap-up of the first day! After the short opening ceremony by René Pfeiffer, the DeepSec organizer, the day star
Publish At:2019-11-30 08:20 | Read:179 | Comments:0 | Tags:Event Forensics Security Conference DeepSec Vienna Wrap-up

DeepSec 2019 Wrap-Up Day #2

Here we go for the second wrap-up! DeepSec is over, flying back tomorrow to Belgium. My first choice today was to attend: “How To Create a Botnet of GSM-devices” by Aleksandr Kolchanov. Don’t forget that GSM devices are not only “phones”. Aleksandr covered nice devices like alarm systems, electric sockets, smart-home controllers, industrial contr
Publish At:2019-11-30 08:20 | Read:185 | Comments:0 | Tags:Event Security DeepSec

[SANS ISC] My Little DoH Setup

I published the following diary on isc.sans.edu: “My Little DoH Setup“: “DoH”, this 3-letters acronym is a buzzword on the Internet in 2019! It has been implemented in Firefox, Microsoft announced that Windows will support it soon. They are pro & con about encrypting DNS requests in  HTTPS but it’s not the goal of this di
Publish At:2019-11-25 09:25 | Read:211 | Comments:0 | Tags:SANS Internet Storm Center Security DNS DoH PiHole SANS

A week in security (November 11 – 17)

Last week on Malwarebytes Labs, we offered statistics and information on a sneaky new Trojan malware for Android, inspected a bevy of current Facebook scams, and explained the importance of securing food and agriculture infrastructure. We also released our latest report on cybercrime tactics and techniques, offering new telemetry about the many cybersecu
Publish At:2019-11-18 16:50 | Read:342 | Comments:0 | Tags:A week in security CTNT cybercrime tactics & techniques cybe

[SANS ISC] Keep an Eye on Remote Access to Mailboxes

I published the following diary on isc.sans.edu: “Generating PCAP Files from YAML“: BEC or “Business Email Compromize” is a trending thread for a while. The idea is simple: a corporate mailbox (usually from a C-level member) is compromized to send legitimate emails to other employees or partners. That’s the very first st
Publish At:2019-11-12 03:20 | Read:307 | Comments:0 | Tags:SANS Internet Storm Center Security BEC Email SANS ISC

Cyber Security Month Wrap-Up

This month was the “Cyber Security Month” and I had the idea to post a security tip on Twitter for the first day. Don’t ask me why. Then, I wrote a second one and decided to tweet something every day. We are now at the end of the day and I’m publishing a recap of all tweets… Cybersecurity should not be taken into account
Publish At:2019-11-12 03:20 | Read:233 | Comments:0 | Tags:Security

[SANS ISC] Microsoft Apps Diverted from Their Main Use

I published the following diary on isc.sans.edu: “Microsoft Apps Diverted from Their Main Use“: This week, the CERT.eu organized its yearly conference in Brussels. Across many interesting presentations, one of them covered what they called the “cat’n’mouse” game that Blue and Red teams are playing continuously. When the Blue team h
Publish At:2019-11-12 03:20 | Read:251 | Comments:0 | Tags:SANS Internet Storm Center Security Microsoft Office SANS IS

Cybersecurity for journalists: How to defeat threat actors and defend freedom of the press

When you’re a journalist or work for the press, there may be times when you need to take extra cybersecurity precautions—more so than your Average Joe. Whether a reporter is trying to crowd-source information without revealing their story or operating in a country where freedom of the press is a pipe dream, cybersecurity plays an important role for any journ
Publish At:2019-11-11 23:20 | Read:302 | Comments:0 | Tags:How-tos communication data eavesdropping encrypted journalis

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud