HackDig : Dig high-quality web security articles for hacker

Dnsmasq: A Reality Check and Remediation Practices

Dnsmasq is the de-facto tool for meeting the DNS/DHCP requirements of small servers and embedded devices. Recently, Google Security researchers identified seven vulnerabilities that can allow a remote attacker to execute code on, leak information from, or crash a device running a Dnsmasq version earlier than 2.78, if configured with certain options. Based on
Publish At:2017-10-21 18:05 | Read:85 | Comments:0 | Tags:Internet of Things Vulnerabilities Dnsmasq routers

New Malicious Macro Evasion Tactics Exposed in URSNIF Spam Mail

by John Anthony Bañes
Malicious macros are commonly used to deliver malware payloads to victims, usually by coercing victims into enabling the macro sent via spam email. The macro then executes a PowerShell script to download ransomware or some other malware. Just this September EMOTET, an older banking malware, leveraged this method in a campaign that saw i
Publish At:2017-10-21 18:05 | Read:88 | Comments:0 | Tags:Malware macro sandbox Spam

Magnitude Exploit Kit Now Targeting South Korea With Magniber Ransomware

A new ransomware is being distributed by the Magnitude exploit kit: Magniber (detected by Trend Micro as RANSOM_MAGNIBER.A and TROJ.Win32.TRX.XXPE002FF019), which we found targeting South Korea via malvertisements on attacker-owned domains/sites. The development in Magnitude’s activity is notable not only because it eschewed Cerber—its usual ransomware paylo
Publish At:2017-10-21 18:05 | Read:76 | Comments:0 | Tags:Bad Sites Exploits Ransomware CERBER CVE-2016-0189 Locky Ran

A Look at Locky Ransomware’s Recent Spam Activities

Ransomware has been one of the most prevalent, prolific, and pervasive threats in the 2017 threat landscape, with financial losses among enterprises and end users now likely to have reached billions of dollars. Locky ransomware, in particular, has come a long way since first emerging in early 2016. Despite the number of times it apparently spent in hiatus, L
Publish At:2017-10-21 18:05 | Read:37 | Comments:0 | Tags:Ransomware Spam Locky ransomware Trickbot

WPA2 Protocol Vulnerability – Intercepting Password on Wireless Device

Overview
The WPA2 Protocol vulnerability allows an attacker to decrypt the network traffic from the vulnerable device, and it also allows viewing critical information and injecting packets/data from the vulnerable devices. The proof-of-concept exploit is called KRACK, short for Key Reinstallation Attacks and the researcher who found this vulnerability is no
Publish At:2017-10-21 16:40 | Read:80 | Comments:0 | Tags:Security Advisory WPA2 Protocol Vulnerability Vulnerability

SANS Maturity Model Webinar Describes How to Grow Your Security Strategy

Setting your security strategy is a challenging task that comes with a lot of opinions (and vendors!). SANS provides a rationale for growing protection that is logically calibrated to growth and expanding needs. Register for this webinar and even if you can’t make it, we’ll send you the recording (and a whitepaper). With so many security solution
Publish At:2017-10-21 16:25 | Read:100 | Comments:0 | Tags:Innovation maturity model recording registration SANS Securi

A Cybersecurity Proof: The Application is the Endpoint

Vulnerable applications and browsers are the persistent data breach entry points—it’s not about the files
Isolation is the only solution that can absolutely eliminate kernel-level exploits and malware escapes
It’s time to rethink information security defense around fewer, smarter, yet more effective layers
You have many more endpoints than you think. How m
Publish At:2017-10-21 16:25 | Read:26 | Comments:0 | Tags:Threats access points application attack vector endpoint End

BlackOasis APT and new targeted attacks leveraging zero-day exploit

More information about BlackOasis APT is available to customers of Kaspersky Intelligence Reporting Service. Contact: intelreports@kaspersky.com
Introduction
Kaspersky Lab has always worked closely with vendors to protect users. As soon as we find new vulnerabilities we immediately inform the vendor in a responsible manner and provide all the details require
Publish At:2017-10-21 15:05 | Read:92 | Comments:0 | Tags:Featured Research Adobe APT Microsoft Word Vulnerabilities a

ATMii: a small but effective ATM robber

While some criminals blow up ATMs to steal cash, others use less destructive methods, such as infecting the ATM with malware and then stealing the money. We have written about this phenomenon extensively in the past and today we can add another family of malware to the list – Backdoor.Win32.ATMii. ATMii was first brought to our attention in April 2017,
Publish At:2017-10-21 15:05 | Read:50 | Comments:0 | Tags:Research ATM Backdoor Financial malware

ATM malware is being sold on Darknet market

Disclaimer and warning
ATM systems appear to be very secure, but the money can be accessed fairly easily if you know what you are doing. Criminals are exploiting hardware and software vulnerabilities to interact with ATMs, meaning they need to be made more secure. This can be achieved with the help of additional security software, properly configured to stop
Publish At:2017-10-21 15:05 | Read:92 | Comments:0 | Tags:Research ATM Darknet Financial malware Malware Descriptions

Zimperium Named a Leader in the IDC MarketScape for Mobile Threat Management

Zimperium has been positioned as a leader in the IDC MarketScape* on worldwide Mobile Threat Management Security Software. The IDC MarketScape provides a clear framework in which the product and service offerings, capabilities and strategies, and current and future market success factors of IT and telecommunications vendors can be meaningfully compared. Mike
Publish At:2017-10-21 13:50 | Read:74 | Comments:0 | Tags:Analysts IDC IDC MarketScape Mobile Threat Management MTM

Validating Machine Learning Detection of Mobile Malware

Zimperium’s core machine learning engine, z9, has a proven track record of detecting zero-day exploits. We recently announced an extension of the framework that detects previously unknown mobile malware. This extension is known as “z9 for Mobile Malware”, and was officially announced in September 2017. Internally, the code name has been “Cogito”, so this res
Publish At:2017-10-21 13:50 | Read:60 | Comments:0 | Tags:Android Mobile Malware Mobile security Mobile Threat Defense

Detecting KRACK Man in the Middle Attacks

What is KRACK? KRACK (Key Reinstallation attaCKs, KRACKs) is a serious weakness in the WPA2 protocol. WPA2 secures all modern protected Wi-Fi networks including those used by smartphones. Attackers within physical range of a Wi-Fi network can exploit protocol weaknesses by using key reinstallation attacks. The attack works against all modern protected Wi-Fi
Publish At:2017-10-21 13:50 | Read:62 | Comments:0 | Tags:Mobile security Mobile Threat Defense Threat Research KRACK

Detecting DoubleLocker Ransomware

What is DoubleLocker? Security researchers at ESET discovered a new ransomware infecting Android phones called DoubleLocker. DoubleLocker is an exploit that encrypts data on the infected device and then changes the device PIN to a random number. Victims remain locked out of their device unless they pay a ransom to the hackers. DoubleLocker spreads in the ver
Publish At:2017-10-21 13:50 | Read:29 | Comments:0 | Tags:Mobile Malware Threat Research DoubleLocker mobile malware

CVE-2017-9292, Lansweeper 6.0.0.63 XSS vulnerability

- Release date: October 05th, 2017
- Discovered by: Giovanni Cerrato, Giovanni Guido and BackBox team
- Severity: Medium

I. VULNERABILITY
Lansweeper XSS vulnerability.

II. INTRODUCTION
Lansweeper an Asset Management and Netw
Publish At:2017-10-07 06:20 | Read:759 | Comments:0 | Tags: Xss Vulnerability
