HackDig : Dig high-quality web security articles for hacker

Social-Engineer Toolkit (SET) v7.7 “Blackout” Released

TrustedSec is proud to announce a major release of the Social-Engineer Toolkit (SET) v7.7. This version incorporates support for hostnames in the HTA attack vector, and a redesigned Java Applet attack vector. Java is still widely used in corporations and with a valid code signing certificate can be one of the easiest ways to get a shell in an organization. I
Publish At:2017-07-11 05:30 | Read:312 | Comments:0 | Tags:blog

Episode 2.8 (July 3rd, 2017) – NSA and Exploit Tools, Petya, Russia, and Ransomware, systemd, Deathstar, and Offic

Welcome to the Trusted Security Podcast – a podcast dedicated to bringing the latest news on information security and the industry. This episode features the following members: Dave Kennedy, Ben Tenjamin, Geoff Walton, Chris Prewitt, Justin Bollinger Show links: http://www.nbcnews.com/news/us-news/can-cia-nsa-be-trusted-cyber-hacking-tools-n778731 http
Publish At:2017-07-04 07:50 | Read:338 | Comments:0 | Tags:blog exploit

50 hashes per hour

How often do you turn off your computer when you go home from work? We bet you leave it on so you don’t have to wait until it boots up in the morning. It’s possible that your IT staff have trained you to lock your system for security reasons whenever you leave your workplace. But locking your system won’t save your computer from a new type
Publish At:2017-06-06 08:30 | Read:542 | Comments:0 | Tags:Blog Research Data leaks Data Protection Linux Security Poli

WannaCry mistakes that can help you restore files after infection

Sometimes ransomware developers make mistakes in their code. These mistakes could help victims regain access to their original files after a ransomware infection. This article is a short description of several errors, which were made by the WannaCry ransomware developers. Errors in file removal logic When WannaCry encrypts its victim’s files, it reads
Publish At:2017-06-01 10:55 | Read:592 | Comments:0 | Tags:Blog Featured Research Ransomware WannaCry

WannaCry and Lazarus Group – the missing link?

A few hours ago, Neel Mehta, a researcher at Google posted a mysterious message on Twitter with the #WannaCryptAttribution hashtag: The cryptic message in fact refers to a similarity between two samples that have shared code. The two samples Neel refers to in the post are: A WannaCry cryptor sample from February 2017 which looks like a very early variant A
Publish At:2017-05-15 18:30 | Read:540 | Comments:0 | Tags:Blog Featured Research Lazarus Ransomware WannaCry

WannaCry FAQ: What you need to know today

Friday May 12th marked the start of the dizzying madness that has been ‘WannaCry’, the largest ransomware infection in history. Defenders have been running around with their heads on fire trying to get ahead of the infection and to understand the malware’s capabilities. In the process, a lot of wires have gotten crossed and we figured it
Publish At:2017-05-15 13:40 | Read:788 | Comments:0 | Tags:Blog Featured Research Encryption Malware Descriptions Ranso

BSides Denver 2017

Everyone loves a decent security conference, and BSides Denver provides one with space to breathe. Folks in sunny Colorado looking for a fine local gathering found talks on advanced social engineering, APT herding, securing smart cities and more. Even though BSides got its start as an “open source” event taking its contributors from rejected Bla
Publish At:2017-05-14 00:50 | Read:311 | Comments:0 | Tags:Blog

False Positives: Why Vendors Should Lower Their Rates and How We Achieved the Best Results

In pursuit of a high cyberthreat detection rate, some developers of cybersecurity solutions neglect the subject matter of false positives, and unfairly so. Indeed, this is a very inconvenient matter that some developers tend to overlook (or try to solve with questionable methods) until there is a serious incident that could paralyze the work of their cus
Publish At:2017-05-13 11:15 | Read:412 | Comments:0 | Tags:Blog Opinions Antivirus Technologies Antivirus Testing false

WannaCry ransomware used in widespread attacks all over the world

Earlier today, our products detected and successfully blocked a large number of ransomware attacks around the world. In these attacks, data is encrypted with the extension “.WCRY” added to the filenames. Our analysis indicates the attack, dubbed “WannaCry”, is initiated through an SMBv2 remote code execution in Microsoft Windows. This
Publish At:2017-05-13 11:15 | Read:654 | Comments:0 | Tags:Blog Incidents Encryption Malware Descriptions Ransomware Vu

Episode 2.6 – Special Guest Jayson E. Street, Shadow Brokers, Google OAuth, and more!

Download Episode 2.6 here. Welcome to the Trusted Security Podcast – a podcast dedicated to bringing the latest news on information security and the industry. This episode features the following members: Dave Kennedy, Scott White, Justin Bollinger, Costa Petros, Ben Ten, Chris Prewitt, Jayson E. Street Show links: https://www.bloomberg.com/news/article
Publish At:2017-05-06 04:20 | Read:562 | Comments:0 | Tags:blog

Clash of Greed

In 2015, the game Clash of Clans was bringing in about 1.5 million dollars per day for its developer, Supercell. Later on, the company launched a new project, Clash Royale, after addressing the flaws of their first game and implementing battles with real players into the new game, which shares the same characters and the same cartoonish design as the first p
Publish At:2017-05-04 07:10 | Read:533 | Comments:0 | Tags:Blog Phishing Mobile Attacks Online Games

Use of DNS Tunneling for C&C Communications

– Say my name. –! – You are goddamn right. Network communication is a key function for any malicious program. Yes, there are exceptions, such as cryptors and ransomware Trojans that can do their job just fine without using the Internet. However, they also require their victims to establish contact with the threat actor so they can
Publish At:2017-04-28 13:40 | Read:619 | Comments:0 | Tags:Blog Research Backdoor DNS Malware Descriptions Malware Tech

Hajime, the mysterious evolving botnet

Introduction Hajime (meaning ‘beginning’ in Japanese) is an IoT worm that was first mentioned on 16 October 2016 in a public report by RapidityNetworks. One month later we saw the first samples being uploaded from Spain to VT. This worm builds a huge P2P botnet (almost 300,000 devices at the time of publishing this blogpost), but its real purpose
Publish At:2017-04-25 12:00 | Read:1205 | Comments:0 | Tags:Blog Featured Research Botnets honeypot Internet of Things M

XPan, I am your father

While we have previously written on the now infamous XPan ransomware family, some of its variants are still affecting users primarily located in Brazil. Harvesting victims via weakly protected RDP (remote desktop protocol) connections, criminals are manually installing the ransomware and encrypting any files which can be found on the system. Interesti
Publish At:2017-04-24 17:40 | Read:617 | Comments:0 | Tags:Blog Research Brazil Ransomware RDP TeamXRat Trojan

Personalized Spam and Phishing

Most spam, especially the sort that is mass-mailed on behalf of businesses, has quite an impersonal format: spammers create a message template for a specific mailing purpose and often drastically diversify the contents of that template. Generally, these kinds of messages do not personally address the recipient and are limited to common phrases such as “
Publish At:2017-04-19 08:45 | Read:894 | Comments:0 | Tags:Blog Phishing Social Engineering Spam Letters

