HackDig : Dig high-quality web security articles for hackers

Developers vs. Security: Who is Responsible for Application Security?

Call it the blame game or just a vicious circle. The long-standing tension between developers and IT security experts is not easing anytime soon. Each side blames the other for security risks in application security and other areas, but digital defense overall will suffer unless the two sides come together. We spoke to Vikram Kunchala, U.S. lead for Deloitt
Publish At:2021-03-01 09:45 | Read:72 | Comments:0 | Tags:Application Security Risk Management Information Technology

Self-Assessment Tool Aims to Enhance Small Biz Security

Sole traders and micro-businesses now have some extra cybersecurity support after the UK authorities launched a new online self-assessment tool.The free service is being provided by the GCHQ-backed National Cyber Security Center to the country’s smallest businesses who, like most others, have been working remotely during the pandemic.It’s a
Publish At:2021-03-01 09:44 | Read:84 | Comments:0 | Tags: security

70% of Orgs Facing New Security Challenges Due to #COVID19 Pandemic

New research from endpoint management and security provider Tanium has discovered that seven out of 10 organizations have reported facing new security challenges due to the COVID-19 pandemic.The firm’s report, IT Leads the Way: How the Pandemic Empowered IT, outlines the impact of remote working upon organizations and their strategies for adapting to i
Publish At:2021-03-01 09:44 | Read:116 | Comments:0 | Tags: security

NSA embraces the Zero Trust Security Model

The National Security Agency (NSA) published a document to explain the advantages of implementing a zero-trust model. The National Security Agency (NSA) recently published a document to explain the benefits of adopting a zero-trust model, and advice to navigate the process. Modern infrastructure are complex environments that combine multiple technolog
Publish At:2021-03-01 04:49 | Read:93 | Comments:0 | Tags:Breaking News Security Hacking hacking news information secu

Cyber Security Roundup for March 2021

 A roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, February 2021.Serious Linux VulnerabilityLast month a newly discovered critical vulnerability in 'sudo', a fundamental program present in all Linux and Unix operating systems caught my eye. The
Publish At:2021-02-28 22:45 | Read:152 | Comments:0 | Tags: security cyber

EU leaders aim at boosting defense and security, including cybersecurity

During a video conference of the members of the European Council, EU leaders agreed on a new strategy aimed at boosting defense and security.  During the recent video conference of the members of the European Council (25-26 February 2021), NATO chief Jens Stoltenberg highlighted the importance to define a strategy to boost defense and security.
Publish At:2021-02-28 15:20 | Read:106 | Comments:0 | Tags:Breaking News Security Cybersecurity Eu Council Hacking hack

Don't Worry: Google's suspicious GVT1.com URLs aren't dangerous

Certain Google-owned domains have caused Chrome users, from even the most skilled researchers to regular users, to question whether they are malicious.The domains I am referring to are redirector.gvt1.com and gvt1/gvt2 subdomains that have spun many questions on the internet.After receiving multiple concerned questions over the years, Ble
Publish At:2021-02-28 13:01 | Read:160 | Comments:0 | Tags:Security Google

Security Affairs newsletter Round 303

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. Bug bounty hacker earned $5,000 reporting a Stored XSS flaw in iCloud.comExperts warn of threat actors abusing Google Alert
Publish At:2021-02-28 08:48 | Read:184 | Comments:0 | Tags:Breaking News Hacking hacking news information security news

Hotarus Corp gang hacked Ecuador’s Ministry of Finance and Banco Pichincha

‘Hotarus Corp’ Ransomware operators hacked Ecuador’s largest private bank, Banco Pichincha, and the country’s Ministry of Finance. ​A cybercrime group called ‘Hotarus Corp’ has breached the Ecuador’s largest private bank, Banco Pichincha, and the local Ministry of Finance (the Ministerio de Economía y Finanzas de
Publish At:2021-02-27 13:49 | Read:205 | Comments:0 | Tags:Breaking News Cyber Crime Malware Security Cybercrime Hackin

Google shares PoC exploit for critical Windows 10 Graphics RCE bug

Project Zero, Google's 0day bug-hunting team, shared technical details and proof-of-concept (PoC) exploit code for a critical remote code execution (RCE) bug affecting a Windows graphics component.The Project Zero researchers discovered the vulnerability, tracked as CVE-2021-24093, in a high-quality text rendering Windows API named Microsoft D
Publish At:2021-02-27 13:37 | Read:123 | Comments:0 | Tags:Security Microsoft exploit

Microsoft fixes Windows 10 drive corruption bug — what you need to know

Microsoft has fixed a Windows 10 bug that could cause NTFS volumes to become corrupted by merely accessing a particular path or viewing a specially crafted file.Last month, BleepingComputer reported on a new Windows bug that allows any users, including those with low privileges, to mark an NTFS volume as dirty. All a Windows user had to do to trigg
Publish At:2021-02-27 13:37 | Read:141 | Comments:0 | Tags:Microsoft Security

NSA, Microsoft promote a Zero Trust approach to cybersecurity

The National Security Agency (NSA) and Microsoft are advocating for the Zero Trust security model as a more efficient way for enterprises to defend against today’s increasingly sophisticated threats.The concept has been around for a while and centers on the assumption that an intruder may already be on the network, so local devices and connections
Publish At:2021-02-27 13:37 | Read:132 | Comments:0 | Tags:Security security cyber cybersecurity

The Week in Ransomware - February 26th 2021 - Back from the Holidays

The number of attacks had slowed down after the winter holidays, but after the past two weeks, it's evident that the ransomware attacks are back at full speed.Over the past two weeks, we had some significant attacks, including attacks on Discount Car and Truck Rentals, an alleged attack on Kia Motors/Hyundai, UL, TietoEVRY, Ecuador's
Publish At:2021-02-26 22:01 | Read:142 | Comments:0 | Tags:Security ransomware

Ransomware gang hacks Ecuador's largest private bank, Ministry of Finance

​A hacking group called 'Hotarus Corp' has hacked Ecuador's Ministry of Finance and the country's largest bank, Banco Pichincha, where they claim to have stolen internal data.The ransomware gang first targeted Ecuador's Ministry of Finance, the Ministerio de Economía y Finanzas de Ecuador, where they deployed a PHP-based ransomware strain to enc
Publish At:2021-02-26 18:07 | Read:176 | Comments:0 | Tags:Security ransomware hack

T-Mobile discloses data breach after SIM swapping attacks

Image: Mika BaumeisterAmerican telecommunications provider T-Mobile has disclosed a data breach after an unknown number of customers were apparently affected by SIM swap attacks.SIM swap fraud (or SIM hijacking) allows scammers to take control of targets' phone numbers after porting them using social engineering or after bribing mobile operator employees to
Publish At:2021-02-26 18:07 | Read:144 | Comments:0 | Tags:Security

Tools

Tag Cloud