HackDig : Dig high-quality web security articles for hacker

SMS Scams and Smartphone Malware

Smartphones have become a crucial part of our everyday lives; we shop, bank and network using our phones. But with so much valuable personal data being stored on these devices, they have become a top target for cyber criminals. If they can crack our phones, they can steal our identities, blackmail us for cash, or empty our bank accounts using scams. As a res
Publish At:2017-07-25 22:40 | Read:2344 | Comments:0 | Tags:Mobile Security Malware scams smartphones sms

InterContinental Hotel Chain Breach Expands

In December 2016, KrebsOnSecurity broke the news that fraud experts at various banks were seeing a pattern suggesting a widespread credit card breach across some 5,000 hotels worldwide owned by InterContinental Hotels Group (IHG). In February, IHG acknowledged a breach but said it appeared to involve only a dozen properties. Now, IHG has released data showin
Publish At:2017-04-19 00:10 | Read:3423 | Comments:0 | Tags:Other Crowne Plaza breach Holiday Inn breach Holiday Inn Exp

Hacking Facebook Accounts with just a phone number through the SS7 protocol

Hacking Facebook Accounts with just a phone number is possible, experts from Positive Technologies demonstrated it exploiting flaws in the SS7 protocol. Hacking Facebook accounts by knowing phone numbers it is possible, a group of researchers from Positive Technologies demonstrated it. “Researchers have proven just that by taking control of a Facebook
Publish At:2016-06-15 21:00 | Read:2590 | Comments:0 | Tags:Breaking News Hacking Mobile Social Networks Hacking Faceboo

Some Notes on Utilizing Telco Networks for Penetration Tests

After a couple of years in pentesting Telco Networks, I’d like to give you some insight into our pentesting methodology and setup we are using for testing “Mobile and Telecommunication Devices”. I am not talking about pentesting professional providers’ equipment (as in previous blogposts), it is about pentesting of devices that have a
Publish At:2016-05-25 14:40 | Read:3160 | Comments:0 | Tags:Security Tools 2G gsm IoT pentest sms Telco

Virus hoaxes still thrive while ‘Sonia disowns Rahul’

Virus hoaxes still thrive while ‘Sonia disowns Rahul’ Posted by David Harley on March 21, 2016.This is something of a twist on an old favourite – a virus hoax that I saw posted by an acquaintance recently on a social media site. Bizarrely, virus hoaxes seem to be surviving
Publish At:2016-03-21 23:00 | Read:5854 | Comments:0 | Tags:David Harley anti-hoax heuristics Facebook hoax SMS Sonia di

Using Two-Factor Authentication for the Administration of Critical Infrastructure Devices

Two-factor authentication (2FA) is a type of multi-factor authentication that verifies a user based on something they have and something they know.The most popular 2FA method currently in use is the token code, which generates an authentication code at fixed intervals. Generally, the user will enter in their username, and their password will be a secret PIN
Publish At:2015-10-20 14:30 | Read:3085 | Comments:0 | Tags:Featured Articles Vulnerability Management 2FA Heartbleed pa

Android Dolphin, Mercury Browsers Vulnerable to Remote Attacks

A number of Android vulnerabilities have made headlines in recent weeks. Back in July, news first broke about “Stagefright,” a bug that allows an attacker to remotely execute code using a specially crafted MMS. At around the same time that Google announced patches for this vulnerability, at least one of which has been shown to be ineffective, res
Publish At:2015-08-26 14:00 | Read:2918 | Comments:0 | Tags:Cyber Security Featured Articles Android Dolphin Google Merc

Instagram Follower Booster Leads to SMS Browser Extension PUP

We’ve seen some Instagram spam claiming to offer up a significant bump in follower numbers, using a site which claims it can top you up with anything from 17 to 9,998 people desperate to see your sandwich photographs. There’s also a “Max” setting, which one hopes and assumes is either 9,999 or infinity. Tough call. Here’s the In
Publish At:2015-08-25 14:45 | Read:2753 | Comments:0 | Tags:Online Security extension followers Instagram PUP sms spam

New SMiShing Campaign Targets T-Mobile Subscribers

We advise our blog readers and T-Mobile subscribers to be wary of this latest SMiShing (or SMS phishing) attempt in the wild. In case you have encountered the below URL online or on your mobile device via SMS, do note that the information you might be imparting to avail of the so-called discount is far more valuable than the $20 savings this campaign promise
Publish At:2015-08-13 03:20 | Read:4321 | Comments:0 | Tags:Fraud/Scam Alert phish phishing smishing sms

Watch out for Costly Mobile Ads

There are lots of ways you can have a bad hair day with a mobile device – a rogue app from the Play Store, a dubious file from a non-official source or even a phish attack which takes advantage of a mobile’s smaller screen size. A less annoying issue is pop-ups, adverts and redirects – you’ll probably encounter these every so often on
Publish At:2015-08-11 16:05 | Read:17630 | Comments:0 | Tags:Online Security Mobile phone sms

Android Stagefright Flaws Put 950 Million Devices at Risk

Vulnerabilities discovered in the Stagefright media playback engine that is native to Android devices could be the mobile world’s equivalent to Heartbleed. Almost all Android devices contain the security and implementation issues in question; unpatched devices are at risk to straightforward attacks against specific users that put their privacy, data an
Publish At:2015-07-28 09:05 | Read:2153 | Comments:0 | Tags:Google Hacks Mobile Security Vulnerabilities Android Android

How to use old GSM protocols/encodings to know if a user is Online on the GSM Network AKA PingSMS 2.0

In the last few months I’ve been playing with Android’s low level GSM API, a few years ago the (in)famous sendRawPdu API was available, allowing a developer to manually encode a SMS message at a very low level before sending it to the GSM baseband itself and quite a few applications sending all kind of weird SMS ( flash sms, silent sms, etc ) were born ( for
Publish At:2015-07-27 19:55 | Read:2970 | Comments:0 | Tags:sms gsm mms wap wap push wap push notifications delivery rep

Computer Criminals Brought to Justice – Twin Russian Hackers

Last week, Tripwire explored the story of Brandon Bourret and Athanasios Andrianakis, two men who developed an app that scans Photobucket users’ private photo albums in search of naked selfies.We now report on a pair of twin Russian hackers who allegedly gained unauthorized access to more than 7,000 Russian bank accounts using social engineering techniques.T
Publish At:2015-06-09 12:36 | Read:2978 | Comments:0 | Tags:Featured Articles Government Hacker Russian Ministry of Inte

This Black Box Can Brute Force Crack iPhone PIN Passcodes

If you don't have time to read this whole blog post, do one thing for me okay?Change your iPhone password from a simple 4 digit numeric code to a longer, more advanced version, which can include letters and symbols as well as numbers.Done that? Good. Now go and watch some cat videos on YouTube.For the rest of you who are still with me, check out this fascina
Publish At:2015-03-17 00:20 | Read:2423 | Comments:0 | Tags:Security & Privacy CVE-2014-4451 iOS passcode PIN SMS

Facebook Hacks and SMS, Oh My

There’s a supposed “Facebook Hack” website located at facebookhack(dot)pl You can tell it’s all about hacking, because they’ve written the word “hack” underneath Facebook in dramatic red letters (well, dramatic MS paint letters). You’re supposed to enter a profile ID in the box, although you can leave it blank
Publish At:2015-02-10 17:50 | Read:3340 | Comments:0 | Tags:Fraud/Scam Alert facebook fake hack hacking sms


Share high-quality web security related articles with you:)


Tag Cloud