HackDig : Dig high-quality web security articles for hackers

Cisco Talos releases the BASS open source malware signature generator

The Cisco Talos intelligence group released an open source framework named BASS that is designed to automatically generate antivirus signatures from malware. BASS is an automated signature synthesizer: it automatically creates signatures from the analysis of malicious code that belongs to previously generated clusters. The BASS tool aims to simpli
Publish At:2017-06-21 18:15 | Read:4337 | Comments:0 | Tags:Breaking News Malware BASS Cisco Talos ClamAV forensics malw

Hailstorm Spam in the Sights of New Detection System

The research teams at Cisco Talos and Umbrella have deployed a new system designed to detect hailstorm spam campaigns. Hailstorm spam is in some respects different from snowshoe spam. With the latter, a large number of IP addresses send out a low volume of spam email over an extended period of time. Snowshoe spam works that way to avoid raising any red flags
Publish At:2016-12-22 23:55 | Read:4655 | Comments:0 | Tags:Latest Security News Cisco Talos DNS hailstorm spam malware

Pro PoS Malware Simple, Less Sophisticated Than Initially Thought

A strain of point-of-sale malware that began making the rounds on underground markets late last month is easy to use, but less sophisticated than initial reports suggested. According to researchers at Talos, Cisco’s research division, Pro PoS is mostly built on Alina, another type of POS malware which had its source code leaked earlier this year. Repo
Publish At:2015-12-18 07:15 | Read:3523 | Comments:0 | Tags:Malware Alina Cisco Talos malware point of sale malware pos

AutoIt Used in Targeted Attacks to Move RATs

Hackers, months ago, revived macros as an attack vector, primarily to hide banking malware spread by spam campaigns. Not to be left out, some targeted attacks, kicked off by convincing phishing emails, have been moving a few remote access Trojans and other malware via Word docs. One particular targeted campaign, researchers at Cisco said, was using AutoIt to drop
Publish At:2015-08-25 21:35 | Read:3274 | Comments:0 | Tags:Malware Vulnerabilities Web Security Alex Chiu AutoIt Cisco

Windows 10 Upgrade Spam Carries CTB-Locker Ransomware

In the week since a free upgrade to Windows 10 was made available, users have learned of a host of built-in privacy and security issues, the most troubling being a native feature called Wi-Fi Sense that grants access to your Wi-Fi network to contacts stored in a host of online services. Now hackers are in on the game. The inevitable Windows 10 spam an
Publish At:2015-08-03 22:45 | Read:4028 | Comments:0 | Tags:Cryptography Malware Ransomware Web Security Bitcoin Cisco C

Patched Apple QuickTime Vulnerability Details Disclosed

Use-after-free vulnerabilities have nudged buffer overflows off their exclusive perch of serious bugs that hackers covet. They’ve been used in a number of targeted attacks, including some high-profile nation-state attacks, and also were a motivation for Microsoft to implement UAF-specific mitigations in Internet Explorer and the Enhanced Mitigation Ex
Publish At:2015-07-01 16:50 | Read:4118 | Comments:0 | Tags:Apple Web Security apple Apple Patch apple security Cisco Ci

Google Apps ‘Defect’ Leaks Private WHOIS Data Of 280,000

Google has notified hundreds of thousands of domain registrants that their private WHOIS information has been exposed in the clear, opening them up to identity theft, phishing scams and more. Researchers from Cisco Talos last night said the problem likely lies with one of Google’s registrar partners, eNom, and affects 94 percent of the 305,925 domains reg
Publish At:2015-03-14 01:00 | Read:3883 | Comments:0 | Tags:Privacy Vulnerabilities Web Security Cisco Talos domain regi

Cryptowall 3.0 Slims Down, Removes Exploits From Dropper

A slimmed down version of Cryptowall is in circulation, and this one contains no built-in exploits, confirming a growing trend that most ransomware will be spread almost exclusively via exploit kits. Kits such as Angler, Nuclear, and most recently Hanjuan, have been busy incorporating Flash exploits dropping a mix of click-fraud malware and ransomware with gr
Publish At:2015-02-09 17:20 | Read:4162 | Comments:0 | Tags:Uncategorized Cisco Cisco Talos command and control Cryptowa

1,800 Domains Overtaken by Flash Zero Day

When the Blackhole exploit kit went away after the arrest of its alleged creator and maintainer Paunch, there were questions about which kit would rise up as its successor. It seems that the Angler exploit kit has ascended to the throne. The most definitive evidence seems to be the constant updating of the kit with a bevy of zero-day exploits for Adobe Flash P
Publish At:2015-02-03 21:45 | Read:3428 | Comments:0 | Tags:Malware Vulnerabilities Web Security adobe adobe flash playe

Inside Cryptowall 2.0 Ransomware

If you need more evidence that ransomware is here to stay, and could turn into cybercriminals’ weapon of choice, look no further than Cryptowall. Researchers at Cisco’s Talos group today published an analysis of a Cryptowall 2.0 sample, peeling back many layers of known commodities around this threat, such as its use of the Tor anonymity network t
Publish At:2015-01-07 02:35 | Read:3911 | Comments:0 | Tags:Malware Web Security 32-bit exploit 64-bit exploit Cisco Cis

White House to Blame Sony Hack on North Korea

The United States government is expected to attribute the damaging and embarrassing hack of Sony Pictures Entertainment to the government of North Korea. Various mainstream media outlets quoting anonymous government sources said North Korea is “centrally involved” in the attack, which NBC News said was carried out by hackers outside the isolated
Publish At:2014-12-18 21:10 | Read:3808 | Comments:0 | Tags:Critical Infrastructure Government Hacks Cisco Talos DarkSeo

SSL MiTM Vulnerability Among Vulns Patched in Pidgin

A handful of security vulnerabilities were patched in the most recent release of the Pidgin open source instant messaging client, Pidgin 2.10.10, including an SSL/TLS certificate validation issue that could be exploited in man-in-the-middle attacks. Reported by Jacob Appelbaum of the Tor Project, the vulnerability was found in the Pidgin NSS and GnuTLS plugins
Publish At:2014-11-10 14:45 | Read:3065 | Comments:0 | Tags:Vulnerabilities Web Security Cisco Cisco research Cisco Talo

