HackDig : Dig high-quality web security articles for hackers

[SANS ISC] Compromized Desktop Applications by Web Technologies

I published the following diary on isc.sans.edu: “Compromized Desktop Applications by Web Technologies”: For a long time now, it has been said that “the new operating system is the browser”. Today, we do everything in our browsers, we connect to the office, we process emails, documents, we chat, we perform our system maintenances,
Publish At:2020-07-25 14:17 | Read:183 | Comments:0 | Tags:SANS Internet Storm Center Security Compromized JavaScript M

PSD2 – Mandatory Account Access for Third Party Providers

On September 14th the final deadline of complying with the new Payment Service Directive PSD2 will be reached. Among other things, this directive will bring quite a few technical challenges for credit institutions. These include new requirements on two-factor authentication and API access for third parties. In this blog post we will give a short overview of
Publish At:2019-09-19 17:15 | Read:1039 | Comments:0 | Tags:Misc banking finance web

Web Application Whitepaper

This document aims to analyse and explore data collected from technical assurance engagements during 2016. The original piece of data analysis was performed by two of our interns (Daniel and Chris) as part of Cisco’s intended contribution to the next Top 10 publication from OWASP however due to time constraints, our data points were not submitted. As a
Publish At:2017-10-27 17:20 | Read:3277 | Comments:0 | Tags:Whitepapers analysis HTML5 SDL training web

Keep your cookies safe (part 1)

What are cookies and why are they important? A cookie is a small piece of data sent from a website and stored in a user’s web browser and is subsequently includes with all authenticated requests that belong to that session. Some cookies contain the user session data in a website, which is vital. Others cookies are used for tracking long-term records of
Publish At:2016-11-20 02:20 | Read:6085 | Comments:0 | Tags:Blog phishing SDL training web

Is your identity safe online? You might be surprised

You might know what a VPN (Virtual Private Network) is. But if you’re like many people out there, you probably don’t use one. You should though. And when you finish this blog post, you’ll know why.   A VPN is a private network established over the internet. That might sound complicated, so simply put, a VPN provides security for your device’s internet c
Publish At:2016-07-28 23:45 | Read:3808 | Comments:0 | Tags:Privacy Security encryption freedome Internet tracking mass

4 People who can see what Porn you Watch, and 4 Tips to Stop it

In the grand scheme of things, there certainly are more important facets to online privacy than keeping one’s porn habits private (government overreach, identity theft, credit card fraud to name a few). However, adult browsing histories are one of the secrets in their online lives people want to protect the most, so it might be disconcerting to know that por
Publish At:2016-06-04 21:20 | Read:3763 | Comments:0 | Tags:Privacy Web communication encryption freedome Internet priva

Anonymity is not Just for Criminals – 3 legit Reasons to Hide your Tracks Online

  In 1853 a strange new invention appeared in the English cityscape, and caused a small wave of moral outrage among Victorians. This perceived threat to social order was not a new drug, political movement or saucy romance novel, but the seemingly harmless letter box. One reason was the shocking development of women now being able to post letters without
Publish At:2016-05-21 10:35 | Read:3319 | Comments:0 | Tags:Privacy communication freedome Internet tracking mass survel

3 Easy Steps to Stream your Favorite Sports Events, Wherever you are

It’s going to be a busy month for sports lovers from all corners of the world. Hockey fans are currently being treated to both the NHL playoffs and the IIHF world cup, and the coming month will see things like the Champions League final, the US Masters, the NBA playoffs, and to top it all off, the European Championships in football. This presents a problem f
Publish At:2016-05-16 21:05 | Read:3076 | Comments:0 | Tags:Web World Cup F-Secure Internet privacy VPN

Want to Pwn Internet Trackers? Here’s How

A recent PEW report says that 86 percent of people have taken action to avoid online surveillance, including simple things like clearing their browser cache, as well as using more effective methods, such as using a VPN (virtual private network). The same report says that 61 percent of participants indicated that they’d like to do more. Many people understand
Publish At:2016-03-16 17:00 | Read:6375 | Comments:0 | Tags:Privacy Web F-Secure Internet Mikko Hypponen mobile mobile p

F-Secure’s Mobile World Congress 2016 Recap

Mobile World Congress 2016 came and went last week. Lots of companies made exciting announcements, demonstrated exciting new gadgets, and created a fun, engaging atmosphere where tech enthusiasts could congregate and check out what the future has in store. And F-Secure was no exception. Our team was there, in hall 6, helping spread the word on how people can
Publish At:2016-02-29 20:55 | Read:3799 | Comments:0 | Tags:Privacy Security F-Secure Internet privacy protection securi

What are your kids doing for Safer Internet Day?

Today is Safer Internet Day – a day to talk about what kind of place the Internet is becoming for kids, and what people can do to make it a safe place for kids and teens to enjoy. We talk a lot about various online threats on this blog. After all, we’re a cyber security company, and it’s our job to secure devices and networks to keep people protected from mo
Publish At:2016-02-09 12:35 | Read:3193 | Comments:0 | Tags:Security Social media F-Secure Internet mobile protection sa

Want to Know how Adblocking Works?

Adblocking made waves last summer after Apple announced that it would bake content blocking capabilities into iOS 9. Content blocking lets users filter out content that they don’t want to load, and in this case, it worked with Apple’s Safari web browser. And there’s one kind of content that typically irritates people more than anything else – ads. So Apple’s
Publish At:2016-02-05 18:10 | Read:4193 | Comments:0 | Tags:Mobile Privacy F-Secure F-Secure Labs Internet mobile Phone

Mikko Hypponen’s Malware Hall of Fame

Mikko Hypponen is one of the world’s most prominent cyber security experts. Described as a “virus hunter” in a Vanity Fair profile called “The Code Warrior”, Hypponen has spent nearly 25 years with F-Secure protecting people from computer viruses, worms, trojans, and other types of malware. In 2011, Hypponen travelled to Pakistan to meet the men behind the f
Publish At:2016-01-29 05:20 | Read:4261 | Comments:0 | Tags:Online Threats Security antivirus F-Secure F-Secure Labs FBI

Finding and Exploiting Same Origin Method Execution vulnerabilities

Recently it came to my attention that it was possible to abuse JSONP callbacks using a vulnerability known as SOME – Same Origin Method Execution which can be used by an attacker to widely abuse a user’s trust between the web application and the intended flow of execution. For example, using the SOME attack it is possible for an attacker to trick
Publish At:2015-12-31 16:50 | Read:7154 | Comments:0 | Tags:exploitation Open Source pentesting pentura privacy security

Sean Sullivan says look out for extortion, ad blocking in 2016

This is part of a series of posts about what security experts think will happen in 2016. F-Secure Security Advisor Sean Sullivan spends a lot of his time thinking about how people expose themselves to online risks. Whenever you download an app, click on a link, or open an email, there’s potential security problems that most people never even think about. But
Publish At:2015-12-18 18:45 | Read:4023 | Comments:0 | Tags:Online Threats Security ads F-Secure Internet malware protec


Share high-quality web security related articles with you:)