HackDig : Dig high-quality web security articles for hackers

US offers up to $5m reward for information on North Korean hackers

byLisa VaasKnow anything about North Korean hackers and their activities in cyberspace, past or ongoing?The US on Wednesday said that it’s got up to $5 million in Rewards for Justice money if you cough up useful details, which you can do here.The FBI and the Departments of State, Treasury, and Homeland Security (DHS) put out an advisory about the persi
Publish At:2020-04-17 07:07 | Read:460 | Comments:0 | Tags:Cryptocurrency Government security Law & order Security thre

Microsoft patches wormable Windows 10 ‘SMBGhost’ flaw

byJohn E DunnWhat’s the difference between a scheduled security update and one that’s out-of-band?In the case of the critical Windows 10 Server Message Block (SMB) vulnerability (CVE-2020-0796) left unpatched in March’s otherwise bumper Windows Patch Tuesday update, the answer is two days.That’s how long it took Microsoft to change its mind about releasing a
Publish At:2020-03-16 08:53 | Read:678 | Comments:0 | Tags:Microsoft Operating Systems Security threats Vulnerability W

A decade in cybersecurity fails: the top breaches, threats, and ‘whoopsies’ of the 2010s

This post was co-authored by Wendy Zamora and Chris Boyd. All opinions expressed belong to your mom. Back in the days before climate change stretched frigid winter months directly into the insta-sweat of summer, there was a saying about March: in like a lamb, out like a lion. The same might be said about the last decade in cybersecurity fails. What kic
Publish At:2019-12-19 16:50 | Read:707 | Comments:0 | Tags:Awareness ashley madison ashley madison hack BadRabbit cambr

Study: Ransomware, Data Breaches at Hospitals tied to Uptick in Fatal Heart Attacks

Hospitals that have been hit by a data breach or ransomware attack can expect to see an increase in the death rate among heart patients in the following months or years because of cybersecurity remediation efforts, a new study posits. Health industry experts say the findings should prompt a larger review of how security — or the lack thereof — ma
Publish At:2019-11-12 03:35 | Read:602 | Comments:0 | Tags:A Little Sunshine The Coming Storm Department of Health and

WannaCry – and why it never went away

byPaul DucklinThe infamous ransomware worm WannaCry is already more than two-and-a-half years old.WannaCry spreads using a security hole that was patched two months before the worm first appeared, so you’d be forgiven for assuming that it would have fizzled out by now and become little more than a museum curiosity.But a paper published recently by Soph
Publish At:2019-09-23 05:45 | Read:1204 | Comments:0 | Tags:Video malware Naked Security Live ransomware WannaCry

Threat Intelligence: A Tear-Free Solution to Help SOC Analysts Prepare for the Next WannaCry

It’s been nearly six months since the WannaCry ransomware stole global headlines and thousands of security practitioners flocked to threat intelligence feeds to help streamline their investigations. While the security community has learned many valuable lessons from the attack, it’s impossible to say that a strike of this magnitude won’t ha
Publish At:2017-10-26 01:10 | Read:5226 | Comments:0 | Tags:Malware Security Intelligence & Analytics Threat Intelligenc

What Do Recent Attacks Mean for OT Network Security?

Security management can be proactive or reactive depending on each organization’s risk appetite. When attacks are made public, things change, and learning from threats becomes a requirement for both C-suite members and security leaders. WannaCry, NotPetya and Industroyer are some of the most recently analyzed malware pieces. Apart from corporate networ
Publish At:2017-09-27 22:46 | Read:4928 | Comments:0 | Tags:Endpoint Energy & Utility Incident Response Network Critical

Worried About Apache Struts? Stay One Step Ahead of Endpoint Attacks

Endpoint attacks can come from any direction and many sources. Just consider the reported vulnerabilities found in Apache Struts and the damage caused by WannaCry and Petya. Companies need to stay one step ahead of endpoint attacks, but they struggle due to a lack of visibility of endpoint status, the complexity of investigations and ineffective remediation.
Publish At:2017-09-25 15:30 | Read:5504 | Comments:0 | Tags:Endpoint Incident Response Apache Endpoint Management Endpoi

Downward Trend in Publicly Available Exploit Code? Don’t Ease Up on Patch Management Just Yet

The IBM X-Force Vulnerability Database (XFDB), which holds over 100,000 publicly disclosed vulnerabilities, is chock-full of insights concerning the cybersecurity threat landscape. Much of the data is publicly available directly on the IBM X-Force Exchange platform and can be accessed by users anytime. In reviewing the database on an ongoing basis, the IBM
Publish At:2017-09-14 21:10 | Read:7193 | Comments:0 | Tags:Advanced Threats Endpoint Threat Intelligence X-Force Resear

What Do Avocados and Threat Intelligence Have in Common?

Full disclosure: I would not eat guacamole for years because a certain puppet-centric movie I saw as a child had me convinced that it was actually made of frog brains. Once in college, however, seeing guacamole being made completely changed my opinion — unlike a sausage-making demonstration in a rather unfortunate public speaking class that same year of coll
Publish At:2017-09-13 08:20 | Read:3215 | Comments:0 | Tags:Incident Response Threat Intelligence IBM X-Force Exchange I

Who Is Marcus Hutchins?

In early August 2017, FBI agents in Las Vegas arrested 23-year-old British security researcher Marcus Hutchins on suspicion of authoring and/or selling “Kronos,” a strain of malware designed to steal online banking credentials. Hutchins was virtually unknown to most in the security community until May 2017 when the U.K. media revealed him as the
Publish At:2017-09-09 13:55 | Read:5662 | Comments:0 | Tags:Other 184.168.88.189 atthackers@hotmail.com Blackhole bv1 co

Security Specialists Discuss Identity and Access Management in the Age of Ransomware

Over the past few months, we have seen widespread attacks such as NotPetya and WannaCry cripple organizations at record scale and speed, either for monetary gain or with the sole purpose of causing destruction. In their wake, many professionals are assessing what these new threats mean for their security strategies, infrastructures and policies. As a point o
Publish At:2017-09-07 15:10 | Read:3614 | Comments:0 | Tags:Identity & Access Authentication Human Factor Identity and A

Blindfolded on the Battlefield: The Importance of Threat Hunting in the Modern Age

One of the fundamental problems with cybersecurity is that organizations often do not realize when they are compromised. Traditional incident response methods are typically reactive, forcing security teams to wait for a visible sign of an attack. The problem is that many attacks today are stealthy, targeted and data-focused. Just stop for a moment to ask you
Publish At:2017-08-23 22:25 | Read:3292 | Comments:0 | Tags:Data Protection Risk Management Data Breach Threat Detection

Incident Response and Threat Intelligence: A Potent One-Two Punch to Fight Cybercrime

Cybercriminals and their tactics are becoming increasingly sophisticated. Given the rash of widespread, devastating attacks thus far in 2017, this trend shows no signs of slowing down. It’s no longer enough to simply implement incident response solutions. Today’s threats require a dedicated team of security experts to maximize these tools with
Publish At:2017-08-17 19:00 | Read:3129 | Comments:0 | Tags:Incident Response Security Services Threat Intelligence Adva

Stay Up to Date on Threat Intelligence With New X-Force Exchange Capabilities

As both a parent and a bit of a nerd, I have a lot of corny jokes in my arsenal that cover a wide range of topics including animals, food, science fiction and the like. One of my favorite jokes comes from my data science background: “I never metadata I didn’t like.” This joke has it all: wordplay, the spirit of a joke your uncle might tell
Publish At:2017-08-16 09:00 | Read:4049 | Comments:0 | Tags:Threat Intelligence X-Force Research IBM X-Force Exchange IB

Announce

Share high-quality web security related articles with you:)

Tools