HackDig : Dig high-quality web security articles

Massive increase in XorDDoS Linux malware in last six months

Microsoft says it’s recorded a massive increase in XorDDoS activity (254 percent) in the last six months. XorDDoS, a Linux Trojan known for its modularity and stealth, was first discovered in 2014 by the white hat research group, MalwareMustDie (MMD). MMD believed the Linux Trojan originated in China. Based on a case study in 2015, Akamai strengthen
Publish At:2022-05-25 12:59 | Read:577 | Comments:0 | Tags:Reports akamai china CrowdStrike Linux malware Linux Trojan

Ransomware Gangs and the Name Game Distraction

It’s nice when ransomware gangs have their bitcoin stolen, malware servers shut down, or are otherwise forced to disband. We hang on to these occasional victories because history tells us that most ransomware moneymaking collectives don’t go away so much as reinvent themselves under a new name, with new rules, targets and weaponry. Indeed, some o
Publish At:2021-08-05 09:55 | Read:4845 | Comments:0 | Tags:Ransomware Babuk ransomware BitPaymer BlackMatter ransomware

SolarWinds: What Hit Us Could Hit Others

New research into the malware that set the stage for the megabreach at IT vendor SolarWinds shows the perpetrators spent months inside the company’s software development labs honing their attack before inserting malicious code into updates that SolarWinds then shipped to thousands of customers. More worrisome, the research suggests the insidious method
Publish At:2021-01-12 19:24 | Read:2170 | Comments:0 | Tags:Other CrowdStrike FireEye Orion SolarWinds breach Sudhakar R

A week in security (December 21- December 27)

Last week on Malwarebytes Labs we warned our readers about not so festive social media scams, how Emotet returned just in time for Christmas, we tried out some free online games your kids are playing and here’s what happened, and our VideoBytes episode talked about what penetration testing tools malware gangs love to use and why they are better than what you
Publish At:2020-12-28 13:50 | Read:2315 | Comments:0 | Tags:A week in security chase china CrowdStrike cyberpunk 2077 de

CrowdStrike releases free Azure tool to review assigned privileges

CrowdStrike released a free Azure security tool after it was notified by Microsoft of a failed attack leveraging compromised Azure credentials. While investigating the impact of the recent SolarWinds hack, on December 15th Microsoft reported to CrowdStrike that threat actors attempted to read CrowdStrike’s emails by using a compromised Microsoft Azur
Publish At:2020-12-25 20:30 | Read:2413 | Comments:0 | Tags:Breaking News Security Azure CrowdStrike Hacking hacking new

Lock and Code S1Ep18: Finding consumer value in Cybersecurity Awareness Month with Jamie Court

This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the Internet. In addition, we talk to Jamie Court, president of the non-profit advocacy group Consumer Watchdog, about the consumer value in Cybersecurity Awareness Month. Launched initially as a joint effort between government and industry, this once
Publish At:2020-10-26 12:05 | Read:2737 | Comments:0 | Tags:Podcast brute force attacks consumer cybersecurity consumer

Florence, Ala. Hit By Ransomware 12 Days After Being Alerted by KrebsOnSecurity

In late May, KrebsOnSecurity alerted numerous officials in Florence, Ala. that their information technology systems had been infiltrated by hackers who specialize in deploying ransomware. Nevertheless, on Friday, June 5, the intruders sprang their attack, deploying ransomware and demanding nearly $300,000 worth of bitcoin. City officials now say they plan to
Publish At:2020-06-09 14:07 | Read:2479 | Comments:0 | Tags:Latest Warnings Ransomware alex holden CrowdStrike DoppelPay

Tampa Bay Times hit with Ryuk ransomware attack

Florida newspaper The Tampa Bay Times suffered a Ryuk ransomware attack Thursday, making it the latest major victim of the notorious ransomware family that continues to rise in popularity. Curiously, the paper is at least the third Florida-based Ryuk victim in the past year. The attack, which The Tampa Bay Times reported on itself, did not result in a
Publish At:2020-01-24 16:50 | Read:3476 | Comments:0 | Tags:Ransomware Chicago Tribune CrowdStrike DCH Health System emo

Blowing the Whistle on Bad Attribution

The New York Times this week published a fascinating story about a young programmer in Ukraine who’d turned himself in to the local police. The Times says the man did so after one of his software tools was identified by the U.S. government as part of the arsenal used by Russian hackers suspected of hacking into the Democratic National Committee (DNC) l
Publish At:2017-08-18 04:30 | Read:10409 | Comments:0 | Tags:Other CrowdStrike Defense Intelligence Agency DNC hack Drago

CrowdStrike presented the fastest and largest cybersecurity search engine

CrowdStrike Inc., the leader in cloud-delivered endpoint protection, announced the fastest and largest cybersecurity search engine. Security firm CrowdStrike, the leader in cloud-delivered endpoint protection, announced a significant improvement of its Falcon platform that has been integrated with a powerful cybersecurity search engine. According to the com
Publish At:2017-07-26 07:20 | Read:7272 | Comments:0 | Tags:Breaking News Hacking Security CrowdStrike cybersecurity sea

DNI: Putin Led Cyber, Propaganda Effort to Elect Trump, Denigrate Clinton

Russian President Vladimir Putin directed a massive propaganda and cyber operation aimed at discrediting Hillary Clinton and getting Donald Trump elected, the top U.S. intelligence agencies said in a remarkable yet unshocking report released on Friday. The 25-page dossier from the Office of the
Publish At:2017-01-08 17:00 | Read:14379 | Comments:0 | Tags:Other CrowdStrike Daily Beast dcleaks.com DHS DNC DNI fbi Gu

Lone wolf claims responsibility for DNC hack, dumps purported Trump smear file

In an intriguing follow-up to Tuesday's report that Russian hackers gained access to Democratic National Committee servers, an anonymous blogger has claimed he alone was responsible for the breach and backed up the claim by publishing what purport to be authentic DNC documents taken during the online heist.
Publish At:2016-06-16 11:20 | Read:6820 | Comments:0 | Tags:Law & Disorder Risk Assessment Technology Lab Crowdstrike de

Attackers Embracing Steganography to Hide Communication

Encouraged by patterns carried out on a larger scale recently, researchers believe digital steganography has arrived as a legitimate method for attackers to use when it comes to obscuring communication between command and control servers. In a presentation last week at Black Hat Europe researchers with Crowdstrike and Dell SecureWorks cited a handful of campa
Publish At:2015-11-18 22:00 | Read:6832 | Comments:0 | Tags:Malware Black Hat Black Hat Europe Crowdstrike Dell SecureWo

Chinese Hackers Tried to Infiltrate U.S. Firms After Espionage Pact, Reveals Security Firm

A security firm has observed that hackers associated with the Chinese government attempted to infiltrate U.S. firms even after the United States and China agreed to neither conduct nor support activities that would result in the theft of intellectual property online. On September 25th, at the end of Chinese President Xi Jinping’s visit to the United Sta
Publish At:2015-10-19 20:30 | Read:4988 | Comments:0 | Tags:Latest Security News Anthem breach CrowdStrike Derusbi Dmitr

Understanding the VENOM Vulnerability

Jason Geffner, a security researcher at Crowdstrike, has released information about a new, unchecked buffer vulnerability called VENOM affecting the open source QEMU virtualization platform which provides virtualization capabilities similar to VMware or Microsoft’s Hyper-V. The initial reports indicate this is a serious vulnerability, and while the v
Publish At:2015-06-09 16:15 | Read:10296 | Comments:0 | Tags:Application Security Cyber Security Security Updates 0xicf A

