HackDig : Dig high-quality web security articles for hacker

Magnitude Exploit Kit Now Targeting South Korea With Magniber Ransomware

A new ransomware is being distributed by the Magnitude exploit kit: Magniber (detected by Trend Micro as RANSOM_MAGNIBER.A and TROJ.Win32.TRX.XXPE002FF019), which we found targeting South Korea via malvertisements on attacker-owned domains/sites. The development in Magnitude’s activity is notable not only because it eschewed Cerber—its usual ransomware paylo
Publish At:2017-10-21 18:05 | Read:2397 | Comments:0 | Tags:Bad Sites Exploits Ransomware CERBER CVE-2016-0189 Locky Ran

Cerber Ransomware Evolves Again, Now Steals From Bitcoin Wallets

By Gilbert Sison and Janus Agcaoili Cerber ransomware has acquired the reputation of being one of the most rapidly evolving ransomware families to date. Just in May, we pointed out how it had gone through six separate versions with various differences in its routines. Several months later and it seems to have evolved again, this time adding cryptocurrency th
Publish At:2017-08-03 14:25 | Read:1576 | Comments:0 | Tags:Malware Ransomware bitcoin CERBER ransomware

Cerber Version 6 Shows How Far the Ransomware Has Come (and How Far it’ll Go)

Additional analysis/insights by Alfredo Oliveira A little over a year after its first variants were found in the wild, Cerber (Detected by Trend Micro as RANSOM_CERBER family) now has the reputation for being the most prolific family of ransomware in the threat landscape. Since it first emerged in Russian underground marketplaces in March, 2016, Cerber has s
Publish At:2017-05-03 02:15 | Read:2057 | Comments:0 | Tags:Ransomware CERBER crypto-ransomware

Apache Struts 2 vulnerability exploited to deliver the Cerber ransomware

Cyber criminals exploited the recently patched Apache Struts 2 vulnerability CVE-2017-5638 in the wild to deliver the Cerber ransomware. A recently patched Apache Struts 2 vulnerability, tracked as CVE-2017-5638, has been exploited by crooks in the wild to deliver the Cerber ransomware. The remote code execution vulnerability affected the Jakarta-based file
Publish At:2017-04-07 05:25 | Read:2072 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware Cerber CVE-2017-56

Cerber Starts Evading Machine Learning

By Gilbert Sison The CERBER family of ransomware has been found to have adopted a new technique to make itself harder to detect: it is now using a new loader that appears to be designed to evade detection by machine learning solutions. This loader is designed to hollow out a normal process where the code of CERBER is instead run. Behavior and Analysis Ransom
Publish At:2017-03-28 14:55 | Read:2178 | Comments:0 | Tags:Malware Ransomware CERBER machine learning ransomware

CERBER Changes Course, Triple Checks for Security Software

By Marvelous Pelin and Gilbert Sison CERBER is a ransomware family that has seen its share of unusual features since its appearance early last year. From its use of audio warnings, to the targeting of cloud platforms and databases, to distribution via malvertising, emailed scripting files, and exploit kits, CERBER has always been willing to keep up with the
Publish At:2017-02-15 11:30 | Read:1619 | Comments:0 | Tags:Malware Ransomware CERBER ransomware

December 2016: The Month in Ransomware

Online extortionists closed 2016 with a spike in ransomware activity. The statistics for December were alarming: 32 new samples emerged and 33 existing strains got updated. The fact that security researchers released nine decryption tools is quite promising, but it is still a weak countervailing factor. The report below explores the ins and outs of the crypt
Publish At:2017-01-06 16:35 | Read:4147 | Comments:0 | Tags:Cyber Security Featured Articles Cerber encryption Jigsaw Lo

Recent Spam Runs in Germany Show How Threats Intend to Stay in the Game

By Alice Decker, Jasen Sumalapao, and Gilbert Sison In early December, GoldenEye ransomware (detected by Trend Micro as RANSOM_GOLDENEYE.A) was observed targeting German-speaking users—particularly those belonging to the human resource department. GoldenEye, a relabeled version of the Petya (RANSOM_PETYA) and Mischa (RANSOM_MISCHA) ransomware combo, GoldenEy
Publish At:2016-12-30 08:05 | Read:2138 | Comments:0 | Tags:Malware Ransomware Spam CERBER DRIDEX EMOTET GoldenEye Misch

GootKit and Godzilla End 2016 Strong with New Malware Campaigns

Two malware families known as GootKit and Godzilla are closing out the year strong with separate campaigns designed to harvest users’ financial information. In Canada, the GootKit trojan is targeting members of several financial institutions. The campaign begins when a user receives a spam message that appears to have originated from a trusted actor lik
Publish At:2016-12-29 23:50 | Read:2904 | Comments:0 | Tags:Latest Security News Cerber Godzilla GootKit malware Nemucod

Cerber Ransomware Spread by Nemucod in Pseudo-Darkleech Campaign

A pseudo-Darkleech campaign is exposing users to Nemucod malware that in turn downloads Cerber ransomware onto their machines. Heimdal’s security evangelist Andra Zaharia found the campaign hinges on pseudo-Darkleech infections by which malicious actors compromise WordPress websites and inject code into core WP files. The code displays a malicious ifram
Publish At:2016-12-27 16:30 | Read:3419 | Comments:0 | Tags:Latest Security News Cerber Heimdal Security malware Nemucod

November 2016: The Month in Ransomware

Ransomware authors kept trying to break new ground with their attacks last month, just like they did in October. One of the cybercriminal rings blatantly compromised San Francisco Municipal Transit Agency, demonstrating that critical infrastructure isn’t much of a moving target. Also, a slew of low-impact screen lockers and .NET-based ransomware surfaced. Pe
Publish At:2016-12-09 21:27 | Read:3609 | Comments:0 | Tags:Cyber Security Featured Articles Cerber encryption ransomwar

Cerber 5.0.1 Starts the Horrors of Christmas Ransomware

Christmas is around the corner, and cyber criminals are as restless as Santa’s dwarves. All big ransomware families are being updated on quite a regular basis, leaving users breathless and file-less. The Cerber ransomware family is an excellent example of a crypto family constantly being renewed. Cerber 5.0.1 is now making its rounds in the wild, and users sh
Publish At:2016-11-29 21:45 | Read:2481 | Comments:0 | Tags:Featured Articles Security Awareness Cerber ransomware secur

Businesses as Ransomware’s Goldmine: How Cerber Encrypts Database Files

Possibly to maximize the earning potential of Cerber’s developers and their affiliates, the ransomware incorporated a routine with heavier impact to businesses: encrypting database files. These repositories of organized data enable businesses to store, retrieve, sort, analyze, and manage pertinent information. When utilized effectively they help maintain the
Publish At:2016-11-22 13:45 | Read:3018 | Comments:0 | Tags:Ransomware CERBER database files ransomware

A Look at the Cerber Office 365 Ransomware

Reports of a Zero-day attack affecting numerous Office 365 users emerged late last month (hat tip to the researchers at Avanan), and the culprit was a new variant of the Cerber ransomware discovered earlier this year. As with the other Zero-day threats that have been popping up like mushrooms of late, the main method of infection is through the use of Offic
Publish At:2016-11-21 23:35 | Read:3745 | Comments:0 | Tags:Featured ThreatTrack Security Labs cerber cerber office 365

JSE File Downloads Zepto then Cerber 3 Ransomware

It’s like the Russian nesting doll of ransomware. We found this new ransomware delivery tactic particularly interesting and took a deeper look. Let’s start with some facts about a JSE File. A JSE File is an encoded JScript. The acronym stands for JScript Encoded File. This encoding can be done by the executable “screnc.exe” or by using Microsoft’s Scri
Publish At:2016-11-21 23:35 | Read:3969 | Comments:0 | Tags:ThreatTrack Security Labs cerber cerber 3 new cerber new zep
