HackDig : Dig high-quality web security articles

Is BazarLoader malware linked to Trickbot operators?

Experts warn of malware campaigns delivering the BazarLoader malware abusing popular collaboration tools like Slack and BaseCamp. Since January, researchers observed malware campaigns delivering the BazarLoader malware abusing popular collaboration tools like Slack and BaseCamp. The campaigns were aimed at employees of large organizations; the messages attempt
Publish At:2021-04-18 07:49 | Read:82 | Comments:0 | Tags:Breaking News Cyber Crime Malware BazarLoader malware Hackin

Mirai code re-use in Gafgyt

Uptycs’ threat research team recently detected several variants of the Linux-based botnet malware family “Gafgyt”; some of them re-used Mirai code. Uptycs’ threat research team recently detected several variants of the Linux-based botnet malware family, “Gafgyt”, via threat intelligence systems and our in-house osquery-based sandbox. Upon ana
Publish At:2021-04-16 05:26 | Read:151 | Comments:0 | Tags:Breaking News Cyber Crime Malware botnet Gafgyt botnet Hacki

FireEye: 650 new threat groups were tracked in 2020

FireEye published its M-Trends 2021 report, based on the data collected during the investigation; 650 new threat groups were tracked in 2020. FireEye published its annual report, titled M-Trends 2021, which is based on the data collected during the investigation of security incidents it managed. Most of the incidents investigated by Mandiant (59%) in 2020 wer
Publish At:2021-04-14 11:40 | Read:174 | Comments:0 | Tags:APT Breaking News Cyber Crime Cyber warfare Reports Hacking

Joker malware infected 538,000 Huawei Android devices

More than 500,000 Huawei users have been infected with the Joker malware after downloading apps from the company’s official Android store. More than 500,000 Huawei users were infected with the Joker malware after they downloaded tainted apps from the company’s official Android store. The fight against the Joker malware (aka Bread) began in September 20
Publish At:2021-04-11 05:20 | Read:200 | Comments:0 | Tags:Breaking News Cyber Crime Malware Mobile AppGallery Hacking

Hackers compromised APKPure client to distribute infected Apps

APKPure, one of the largest alternative app stores, was the victim of a supply chain attack; threat actors compromised client version 3.17.18 to deliver malware. Multiple security experts discovered that threat actors tampered with client version 3.17.18 of APKPure, the popular alternative third-party Android app store. APKPure is available only on devi
Publish At:2021-04-10 15:44 | Read:134 | Comments:0 | Tags:Breaking News Cyber Crime Malware Android APKPure Hacking in

Crooks abuse website contact forms to deliver IcedID malware

Microsoft researchers spotted a malware campaign abusing contact forms on legitimate websites to deliver the IcedID malware. Security experts from Microsoft have uncovered a malware campaign abusing contact forms on legitimate websites to deliver the IcedID malware. Threat actors behind the operation are using contact forms published on websites to del
Publish At:2021-04-10 11:49 | Read:221 | Comments:0 | Tags:Breaking News Cyber Crime Malware Cybercrime Hacking hacking

This man was planning to kill 70% of the Internet in a bomb attack against AWS

The FBI arrested a man for allegedly planning a bomb attack against Amazon Web Services (AWS) to kill about 70% of the internet. The FBI arrested Seth Aaron Pendley (28), from Texas, for allegedly planning to launch a bomb attack against an Amazon Web Services (AWS) data center on Smith Switch Road in Ashburn, Virginia. The man was attempting to buy C-4 p
Publish At:2021-04-10 07:54 | Read:169 | Comments:0 | Tags:Breaking News Cyber Crime Amazon AWS bomb attack Hacking hac

330K stolen payment cards and 895K stolen gift cards sold on dark web

A threat actor has sold almost 900,000 gift cards and over 300,000 payment cards on a cybercrime forum on the dark web. A crook has sold 895,000 gift cards and over 300,000 payment cards, for a total of US$38 million, on a top-tier Russian-language hacking forum on the dark web. The criminal actor was spotted offering a huge amount of cards in February
Publish At:2021-04-09 04:35 | Read:237 | Comments:0 | Tags:Breaking News Cyber Crime Deep Web Cybercrime gift cards Hac

Swarmshop – What goes around comes around: hackers leak other hackers’ data online

Group-IB, a global threat hunting and adversary-centric cyber intelligence company, discovered that user data of the Swarmshop card shop was leaked online on March 17, 2021. The database was posted on a different underground forum and contained 12,344 records of the card shop admins, sellers and buyers including their nicknames,
Publish At:2021-04-08 12:59 | Read:235 | Comments:0 | Tags:Breaking News Cyber Crime carding Hacking hacking news infor

Man arrested after hiring a hitman on the dark web

A joint operation of Europol and the Italian Postal and Communication Police resulted in the arrest of an Italian national who hired a hitman on the dark web. Europol and the Italian Postal and Communication Police (Polizia Postale e delle Comunicazioni) arrested an Italian national as part of “Operation Hitman” because he is suspected of
Publish At:2021-04-08 05:11 | Read:127 | Comments:0 | Tags:Breaking News Cyber Crime Deep Web Cybercrime Dark Web Europ

New Cring ransomware deployed targeting unpatched Fortinet VPN devices

Attackers are actively exploiting the CVE-2018-13379 flaw in Fortinet VPN to deploy the Cring ransomware to organizations in the industrial sector. Threat actors are actively exploiting the CVE-2018-13379 vulnerability in Fortinet VPNs to deploy a new piece of ransomware, tracked as Cring ransomware (also known as Crypt3r, Vjiszy1lo, Ghost, Phantom), to o
Publish At:2021-04-07 20:30 | Read:185 | Comments:0 | Tags:Breaking News Cyber Crime Malware Cring ransomware CVE-2018-

Crooks use Telegram bots and Google Forms to automate phishing

Crooks increasingly often use legitimate services such as Google Forms and Telegram to obtain user data stolen on phishing websites. Group-IB, a global threat hunting and adversary-centric cyber intelligence company, has found that cybercriminals increasingly often use legitimate services such as Google Forms and Telegram to
Publish At:2021-04-07 09:41 | Read:192 | Comments:0 | Tags:Breaking News Cyber Crime Cybercrime phishing Telegram bot

Gigaset Android smartphones infected with malware after supply chain attack

A new supply chain attack made the headlines: threat actors compromised at least one update server of smartphone maker Gigaset to deliver malware. The German device maker Gigaset was the victim of a supply chain attack; threat actors compromised at least one server of the company to deliver malware. Gigaset AG, formerly known as Siemens Home and Office
Publish At:2021-04-07 06:18 | Read:164 | Comments:0 | Tags:Breaking News Cyber Crime Android Gigaset malware android

Malware attack on Applus blocked vehicle inspections in some US states

A malware attack against vehicle inspection services provider Applus Technologies prevented vehicle inspections in eight US states. Applus Technologies is a worldwide leader in the testing, inspection and certification sector; the company was recently hit by a malware cyberattack that impacted vehicle inspections in eight states, including Conn
Publish At:2021-04-04 12:00 | Read:209 | Comments:0 | Tags:Breaking News Cyber Crime Malware Applus Technologies Hackin

Capital One discovered more customers’ SSNs exposed in 2019 hack

More clients of Capital One have been impacted in the 2019 data breach; the US bank is notifying them of their SSN exposure. US bank Capital One notified a number of additional customers that their Social Security numbers were exposed in the data breach that took place in July 2019. A hacker who went online with the handle “erratic” breached the
Publish At:2021-04-03 15:57 | Read:260 | Comments:0 | Tags:Breaking News Cyber Crime Data Breach Hacking Capital One da