HackDig : Dig high-quality web security articles for hacker

Securing the managed service provider (MSP)

Managed service providers (MSPs) have been a boon to midsize enterprise. They allow for offloading technical debt to an agent with the skills and resources to manage it, thereby giving an organization room to focus on growing a business, rather than the particulars of infrastructure. For a long while, third-party service providers were not targeted dire
Publish At:2019-10-11 23:25 | Read:162 | Comments:0 | Tags:Business advanced persistent threats APT APT attacks APTs en

A week in security (September 30 – October 6)

Last week on Malwarebytes Labs, Malwarebytes renewed its pledge to fight stalkerware for National Cybersecurity Awareness (NCSA) and Domestic Violence Awareness Month. We also looked into what security orchestration is and reported about partnering with security firm, HYAS, to determine the relationship between Magecart Group 4 and Cobalt, the infamous APT
Publish At:2019-10-07 23:20 | Read:204 | Comments:0 | Tags:A week in security Adwind RAT APT Cobalt consumer behavior s

IT threat evolution Q2 2019

Targeted attacks and malware campaigns More about ShadowHammer In March, we published the results of our investigation into a sophisticated supply-chain attack involving the ASUS Live Update Utility, used to deliver BIOS, UEFI and software updates to ASUS laptops and desktops. The attackers added a backdoor to the utility and then distributed it to users thr
Publish At:2019-09-19 18:20 | Read:181 | Comments:0 | Tags:Featured Malware reports APT Cyber espionage Data leaks Fina

Incident Response report 2018

 Download full report (PDF) Introduction This report covers our team’s incident response practices for the year 2018. We have thoroughly analyzed all the service requests, customer conversations and incident response deliverables to provide you an overview in numbers. The report includes statistics on how companies reveal data breaches and comprom
Publish At:2019-09-19 18:20 | Read:190 | Comments:0 | Tags:Featured Publications APT DDoS-attacks Financial malware Ind

Gaza Cybergang is back, it leverages new tools against new targets

Gaza Cybergang threat actor it is back again, this time it is targeting organizations in the Middle East and North Africa (MENA) region. Gaza Cybergang is a threat actor that is believed to be linked to the Palestinian organization Hamas, it is back again targeting organizations in the Middle East and North Africa (MENA) region. According to the experts from
Publish At:2017-10-31 06:55 | Read:4329 | Comments:0 | Tags:APT Breaking News Cyber warfare Hacking Malware

Gaza Cybergang – updated activity in 2017:

1. Summary information The Gaza cybergang is an Arabic-language, politically-motivated cybercriminal group, operating since 2012 and actively targeting the MENA (Middle East North Africa) region. The Gaza cybergang’s attacks have never slowed down and its typical targets include government entities/embassies, oil and gas, media/press, activists, politi
Publish At:2017-10-30 15:55 | Read:4046 | Comments:0 | Tags:APT reports APT Arabic Malware Macros Mobile Malware Targete

APT28 group is rushing to exploit recent CVE-2017-11292 Flash 0-Day before users apply the patches

The APT28 group is trying to exploit the CVE-2017-11292 Flash zero-day before users receive patches or update their systems. Security experts at Proofpoint collected evidence of several malware campaigns, powered by the Russian APT28 group, that rely on a Flash zero-day vulnerability that Adobe patched earlier this week. According to the experts who observed
Publish At:2017-10-23 00:30 | Read:4706 | Comments:0 | Tags:APT Breaking News Cyber warfare Hacking Adobe Flash CVE-2017

DHS and FBI warn of ongoing attacks on energy firms and critical infrastructure

The US DHS and the FBI have issued a warning that APT groups are actively targeting energy firms and critical infrastructure. The US Department of Homeland Security (DHS) and the FBI have issued a warning that APT groups are actively targeting government departments, and firms working in the energy, nuclear, water, aviation, and critical manufacturing sector
Publish At:2017-10-23 00:30 | Read:3051 | Comments:0 | Tags:APT Breaking News Cyber warfare Hacking DHS Dragonfly energy

BlackOasis APT and new targeted attacks leveraging zero-day exploit

More information about BlackOasis APT is available to customers of Kaspersky Intelligence Reporting Service. Contact: intelreports@kaspersky.com Introduction Kaspersky Lab has always worked closely with vendors to protect users. As soon as we find new vulnerabilities we immediately inform the vendor in a responsible manner and provide all the details require
Publish At:2017-10-21 15:05 | Read:3838 | Comments:0 | Tags:Featured Research Adobe APT Microsoft Word Vulnerabilities a

CSE CybSec ZLAB Malware Analysis Report: APT28 Hospitality malware

The CSE CybSec Z-Lab Malware Lab analyzed the Hospitality malware used by the Russian APT28 group to target hotels in several European countries. The Russian hacker group APT28, also known as Sofacy or Fancy Bear, is believed to be behind a series of attacks in last July against travelers staying in hotels in Europe and Middle East. This attack is performed
Publish At:2017-10-05 17:05 | Read:3461 | Comments:0 | Tags:APT Breaking News Cyber warfare Malware APT28 cyber espionag

Intezer researchers link CCleaner hack to Chinese APT17 hackers

Researchers from security firm Intezer speculate that the attack was powered by nation-state actor, likely the Chinese APT17 group. Security experts continue to investigate the recent attack against the supply chain of the popular software CCleaner. The hackers first compromised in July a CCleaner server, then exploited it to deliver a backdoored version of
Publish At:2017-10-04 22:40 | Read:4834 | Comments:0 | Tags:APT Breaking News Hacking Malware APT17 CCleaner version 5.3

The Festive Complexities of SIGINT-Capable Threat Actors

To read the full paper and learn more about this, refer to “Walking in Your Enemy’s Shadow: When Fourth-Party Collection Becomes Attribution Hell” Attribution is complicated under the best of circumstances. Sparse attributory indicators and the possibility of overt manipulation have proven enough for many researchers to shy away from the a
Publish At:2017-10-04 07:35 | Read:4123 | Comments:0 | Tags:Events Featured Research APT Deception techniques Targeted A

60% of institutions in Saudi Arabia hit by malware-based attacks

According to Kaspersky Lab, sixty percent of institutions in Saudi Arabia have experienced malware-based attacks over the past 12 months. Malware continues to be one of the most dangerous threats for organizations worldwide, and data recently disclosed by security firms. According to Kaspersky Lab, Saudi Arabia is under a constant malware-based attack, the e
Publish At:2017-10-01 20:55 | Read:2478 | Comments:0 | Tags:Breaking News Cyber Crime Cyber warfare Hacking APT malware

Even More Evidence That Russian Was Meddling in the 2016 US Election

Evidence that Russian hackers attempted to interfere with the 2016 US Election continues to pile up, DHS notified states whose systems were hit by APTs. Evidence that Russia attempted to interfere with the 2016 US Election continues to pile up. Rumours started almost as soon as the 2016 US Election was completed, individuals with the White House have been qu
Publish At:2017-09-26 11:00 | Read:3644 | Comments:0 | Tags:APT Breaking News Cyber warfare Hacking Intelligence 2016 US

CCleaner hackers targeted tech giants with a second-stage malware

The threat actor that recently compromised the supply chain of the CCleaner software targeted at least 20 tech firms with a second-stage malware. The threat actor that recently compromised the supply chain of the CCleaner software to distribute a tainted version of the popular software targeted at least 20 major international technology firms with a second-
Publish At:2017-09-22 14:45 | Read:2340 | Comments:0 | Tags:APT Breaking News Cyber Crime Hacking Malware APT17 backdoor

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud