HackDig : Dig high-quality web security articles for hacker

Just a Passing Fad? Fidget Spinners and the Malware Sandbox

This is the first installment in a three-part series about malware sandboxing. Stay tuned for more information. When the fidget spinner fad hit last year, my seventh grader was immediately on board and quickly became a fidget spinner snob, boasting about bearing quality and spin longevity. My fifth grader, however, eschewed fidget spinners with the same disd
Publish At:2017-08-29 10:15 | Read:2749 | Comments:0 | Tags:Malware Threat Intelligence Advanced Malware Behavioral Anal

A ‘Wiper’ in Ransomware Clothing: Global Attacks Intended for Destruction Versus Financial Gain

Co-authored by Steve Stone. After finalizing initial analysis, IBM X-Force Incident Response and Intelligence Services (IRIS) concluded that the Petya variant attacks that started on Tuesday, June 27, were intended as destructive attacks against Ukraine, rather than a means for cybercriminals to make money from ransom payouts. In other words, this attack was
Publish At:2017-06-30 03:45 | Read:3277 | Comments:0 | Tags:Malware Advanced Attacks Advanced Malware Advanced Threats I

Health Care Endpoint Hygiene: A Post-WannaCry Call to Action

More so than in any other industry, the recent WannaCry attack caused health care organizations to rethink processes for keeping systems current and secure. Although Microsoft patched the very vulnerabilities WannaCry exploited over three months ago, many organizations are still struggling to find and patch relevant computers and systems. The Hidden Complexi
Publish At:2017-06-22 11:35 | Read:2880 | Comments:0 | Tags:Endpoint Health Care Advanced Malware Endpoint Management En

Security in Dog Years, Malware Analysis in Minutes

A few weeks ago, the security community had its security blanket ripped firmly away as the WannaCry ransomware ripped through hospitals, rail systems, telecommunication companies and more as it made its way around the globe. While the dust settles and researchers figure out the initial infection vector and develop recommendations for preventing future inci
Publish At:2017-06-01 11:15 | Read:4623 | Comments:0 | Tags:Incident Response Malware Threat Intelligence Advanced Malwa

Lessons Learned From the WannaCry Ransomware Attack and Many Others That Preceded It

Dry Your Eyes: Lessons Learned From WannaCry. If you’re reading this post, congratulations! You hopefully aren’t using one of the more than 200,000 computers that were hit by the first wave of the WannaCry ransomware attack. Those unfortunate victims are dealing with bigger problems right now, such as how to admit patients to their emergency rooms
Publish At:2017-05-17 21:15 | Read:3453 | Comments:0 | Tags:Endpoint Incident Response Malware Security Intelligence & A

Neverquest Gang Takes Leave — Is It the End of the Quest?

I’ll bet no one is missing the Neverquest Trojan, and maybe that’s why many have not even realized one of the top cybergang-operated malware codes has taken a substantial plunge this year. The Neverquest Trojan, a consistent occupant of the top 10 most active banking Trojans in the world, has suffered a blow due to the arrest of one of its allege
Publish At:2017-05-05 01:55 | Read:5442 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Threat

Brazilian Malware Never Sleeps: Meet EmbusteBot

IBM Research — Haifa Labs continually invests in the research and development of advanced malware analysis solutions that enhance IBM’s ability to quickly detect and neutralize malware as new and challenging threats arise. Our ongoing observations of the Brazilian cybercriminal landscape have revealed a perpetual rise in new malicious campaigns in this
Publish At:2017-04-17 01:45 | Read:3563 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Advanc

Commercial Malware Makes a Comeback in 2016

Among the trends identified in the IBM X-Force Threat Intelligence Index for 2017 was the notable reemergence of commercial malware in the fraud underground. Commercial malware is defined as malicious code that can be purchased or rented in software-as-a-service (SaaS) mode, sometimes in SaaS models, by cybercriminal buyers. The most popular types of malcode
Publish At:2017-03-29 20:30 | Read:5200 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Threat

Churn Under the Surface of Global Cybercrime

Global cybercrime actors generally adhere to the same principle as a handyman: If it’s not broken, don’t fix it. But that’s not so easy when malware works in one area and attackers want to use it to target a new audience or geography. Moving malware across borders to a new target geographic means more resources for everything, from a relati
Publish At:2017-03-17 13:20 | Read:2655 | Comments:0 | Tags:Advanced Threats Fraud Protection Malware X-Force Research A

GootKit Developers Dress It Up With Web Traffic Proxy

Discovered in summer of 2014, GootKit is widely considered one of the most sophisticated banking Trojans active in the wild. The malware is being used in online banking fraud attacks on consumer and business accounts, mostly in the U.K. and other parts of Europe. In this blog post, I will describe my analysis of a recent GootKit sample (MD5: 60e079ec28d47ef8
Publish At:2017-03-01 18:35 | Read:4573 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Threat

The Full Shamoon: How the Devastating Malware Was Inserted Into Networks

Authored by the IBM X-Force Incident Response and Intelligence Services (IRIS) team. Researchers from the IBM X-Force Incident Response and Intelligence Services (IRIS) team identified a missing link in the operations of a threat actor involved in recent Shamoon malware attacks against Gulf state organizations. These attacks, which occurred in November 2016 a
Publish At:2017-02-15 22:35 | Read:5422 | Comments:0 | Tags:Advanced Threats Threat Intelligence X-Force Research Advanc

Darkhotel APT Latest to Use Hacking Team Zero Day

The fallout from the HackingTeam data dump shows no signs of abating. Since the controversial surveillance software maker was hacked and 400 Gb of its data posted online in early July, a handful of zero-day vulnerabilities and exploits were publicly leaked and continue to find their way into the hands of criminal and state-sponsored hacking groups. The latest
Publish At:2015-08-10 11:35 | Read:2993 | Comments:0 | Tags:Hacks Malware Vulnerabilities Web Security .hta .rar 0day ad

Detecting and Analyzing Kernel-Based Malware

Increasingly, malware authors are crafting attacks to inject malicious code into operating system (OS) kernels, where it is essentially invisible to many security systems. Instead of exclusively relying on user-mode components, we now see advanced attacks targeting the kernel. While it may not be surprising that most signature-based detection technologies mi
Publish At:2015-06-09 13:20 | Read:2815 | Comments:0 | Tags:Malware Advanced Malware Advanced Threats Kernel-Based Malwa

Protecting the Endpoint Against Advanced Malware and Zero-Day Threats

While network-based security solutions provide protection for an enterprise’s network, it is only on the endpoint that full visibility and immediate prevention are possible. For example, consider employees who work remotely or travel frequently and are thus not subjected to network controls, or those who use untrusted removable media that could get inf
Publish At:2015-03-10 16:25 | Read:2120 | Comments:0 | Tags:Data Protection Malware Network & Endpoint Advanced Malware

Cybercriminals Use Citadel to Compromise Password Management and Authentication Solutions

New Configuration of Citadel Trojan Discovered by IBM Trusteer Researchers. In these days of endless breaches, securing user access by enforcing unique, complex passwords and strong authentication is imperative. The onslaught of data breaches in the past year alone, with the majority of the breaches involving compromised credentials, forced users to constantl
Publish At:2014-11-20 03:50 | Read:4357 | Comments:0 | Tags:Banking & Financial Services Energy and Utility Malware Adva

