HackDig : Dig high-quality web security articles for hackers

APT trends report Q2 2020

For more than three years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. The summaries are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports. They
Publish At:2020-07-29 06:05 | Read:166 | Comments:0 | Tags:APT reports Featured APT Backdoor Chinese-speaking cybercrim

Kinda sorta weakened version of EARN IT Act creeps closer

By Lisa Vaas. There are gut-churning tales of online child sexual abuse material (CSAM). Last week, when a bill designed to strip legal protection from online abusers sailed through the Senate Judiciary Committee, UC/Berkeley Professor Hany Farid passed on this example from investigators at the Department of Justice’s Child Exploitation and Obscenity Section:
Publish At:2020-07-08 08:00 | Read:132 | Comments:0 | Tags:Cryptography Government security Law & order #nobackdoors Ba

Chinese tax software bundled with GoldenSpy backdoor targets western companies

A new malware dubbed GoldenSpy is being distributed embedded in tax payment software that some businesses operating in China are required to install. GoldenSpy is a new backdoor that is being distributed embedded in tax payment software (the Aisino Intelligent tax software) that some businesses operating in China are required to install. The c
Publish At:2020-06-29 07:08 | Read:280 | Comments:0 | Tags:Breaking News Hacking Malware backdoor China GoldenSpy backd

InvisiMole group targets military sector and diplomatic missions in Eastern Europe

Researchers uncovered a recent campaign carried out by the InvisiMole group that has been targeting a small number of high-profile organizations. Security researchers at ESET recently uncovered a campaign carried out by the InvisiMole group that has been targeting a small number of high-profile organizations in the military sector and diplomatic missions
Publish At:2020-06-18 16:19 | Read:217 | Comments:0 | Tags:APT Breaking News Hacking Malware backdoor Gamaredon hacking

BazarBackdoor: A new gateway to corporate systems

In mid-March, the number of brute force attacks on RDP connections skyrocketed. The aim of these attacks was to take advantage of the sudden increase in remote workers and take over their corporate computers. Exploiting the current COVID-19 pandemic in this way is just one of the many techniques that cybercriminals have for gaining access to companies’
Publish At:2020-06-01 09:29 | Read:262 | Comments:0 | Tags:Business Malware advanced cybersecurity b2b backdoor spear p

New Turla ComRAT backdoor uses Gmail for Command and Control

Researchers uncovered a new advanced variant of Turla’s ComRAT backdoor that leverages Gmail’s web interface as C2 infrastructure. Cybersecurity researchers discovered a new version of the ComRAT backdoor, also known as Agent.BTZ, which is a malware that was employed in past campaigns attributed to the Turla APT group. Earlier versions of A
Publish At:2020-05-26 12:23 | Read:304 | Comments:0 | Tags:APT Breaking News Cyber warfare Malware backdoor hacking new

Backdoor, Devil Shadow Botnet Hidden in Fake Zoom Installers

By Raphael Centeno and Llallum Victoria, with additional insights from Bren Matthew Ebriega. Cybercriminals are taking advantage of “the new normal” — involving employees’ remote working conditions and the popularity of user-friendly online tools — by abusing and spoofing popular legitimate applications to infect systems with malicious routines. We found two m
Publish At:2020-05-24 07:47 | Read:221 | Comments:0 | Tags:Bad Sites Botnets Malware application backdoor botnet Devil

Going dark: encryption and law enforcement

UPDATE, 05/22/2020: In the advent of the EARN IT Act, the debate on government subversion of encryption has reignited.  Given that the material conditions of the technology have not changed, and the arguments given in favor of the bill are not novel, we’ve decided to republish the following blog outlining our stance on the subject. Originally published
Publish At:2020-05-24 07:20 | Read:351 | Comments:0 | Tags:Government Privacy Security world backdoor Department of Jus

New MacOS Dacls RAT Backdoor Shows Lazarus’ Multi-Platform Attack Capability

By Gabrielle Joyce Mabutas, with additional insights/analysis from Kazuki Fujisawa. A one-time password (OTP) system involves the use of a generated password that can only be used once to log in and access specific online services. Often managed by a third-party provider, this rolling password system aims to reduce unauthorized intrusions to systems via compro
Publish At:2020-05-18 12:48 | Read:253 | Comments:0 | Tags:Mac backdoor Lazarus RAT

Naikon’s Aria

Our colleagues at Checkpoint put together a fine research writeup on some Naikon resources and activity related to “aria-body” that we detected in 2017 and similarly reported in 2018. To supplement their research findings, we are summarizing and publishing portions of the findings reported in our June 2018 “Naikon’s New AR Backdoor De
Publish At:2020-05-18 12:12 | Read:312 | Comments:0 | Tags:APT reports Featured APT Backdoor Cyber espionage Malware Te

Hiding in plain sight: PhantomLance walks into a market

In July 2019, Dr. Web reported about a backdoor trojan in Google Play, which appeared to be sophisticated and unlike common malware often uploaded for stealing victims’ money or displaying ads. So, we conducted an inquiry of our own, discovering a long-term campaign, which we dubbed “PhantomLance”, its earliest registered domain dating back
Publish At:2020-05-03 08:09 | Read:379 | Comments:0 | Tags:APT reports Featured Apple MacOS APT Backdoor Google Android

APT trends report Q1 2020

For more than two years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. The summaries are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports. They a
Publish At:2020-05-03 08:09 | Read:298 | Comments:0 | Tags:APT reports Featured Apple iOS APT Backdoor Chinese-speaking

Experts uncovered hidden behavior in thousands of Android Apps

A group of security researchers has found thousands of Android apps containing hidden backdoors and blacklists. Researchers from The Ohio State University, New York University, and CISPA Helmholtz Center for Information Security analyzed thousands of mobile applications for Android and discovered dangerous behavior, including backdoors and blacklists.
Publish At:2020-04-05 14:48 | Read:704 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware Mobile Android bac

Loncom packer: from backdoors to Cobalt Strike

The previous story described an unusual way of distributing malware under disguise of an update for an expired security certificate. After the story went out, we conducted a detailed analysis of the samples we had obtained, with some interesting findings. All of the malware we examined from the campaign was packed with the same packer, which we named Trojan-
Publish At:2020-04-02 06:58 | Read:701 | Comments:0 | Tags:Featured Malware descriptions Backdoor Malware Descriptions

Holy water: ongoing targeted water-holing attack in Asia

On December 4, 2019, we discovered watering hole websites that were compromised to selectively trigger a drive-by download attack with fake Adobe Flash update warnings. This campaign has been active since at least May 2019, and targets an Asian religious and ethnic group. The threat actor’s unsophisticated but creative toolset has been evolving a lot s
Publish At:2020-03-31 08:22 | Read:427 | Comments:0 | Tags:APT reports Featured Adobe Flash Backdoor drive-by attack Ja
