HackDig : Dig high-quality web security articles for hackers

New Mirai Variant Targets Vulnerability in Comtrend Routers

A newly identified version of the Mirai Internet of Things (IoT) botnet includes an exploit for a vulnerability impacting Comtrend routers.Initially discovered in 2016 and having its source code released online in October of the same year, Mirai has been the base of numerous distributed denial of service (DDoS) botnets, several of which emerged over the past
Publish At:2020-07-13 17:17 | Read:107 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Virus & Malware

U.S. Secret Service Creates Cyber Fraud Task Force

The United States Secret Service has announced the launch of a Cyber Fraud Task Force (CFTF), created through the merger of the Electronic Crimes Task Forces (ECTFs) and Financial Crimes Task Forces (FCTFs).Mainly aimed at improving data sharing, interoperability, and the development of investigative skills, the CFTF will be focused on the prevention, detect
Publish At:2020-07-13 11:05 | Read:55 | Comments:0 | Tags:Cyberwarfare NEWS & INDUSTRY Tracking & Law Enforcem

Russian Found Guilty of Hacking LinkedIn, Formspring, Dropbox

A Russian national accused of hacking into online platforms LinkedIn, Formspring, and Dropbox was found guilty by a United States jury last week.The man, Yevgeniy Aleksandrovich Nikulin, 32, was arrested in 2016 in the Czech Republic, and remained incarcerated there for two years, before being extradited to the U.S.In 2016, U.S. authorities charged Nikulin w
Publish At:2020-07-13 09:33 | Read:48 | Comments:0 | Tags:NEWS & INDUSTRY Fraud & Identity Theft Tracking &

Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

The Russian hacker Yevgeniy Nikulin found guilty for LinkedIn, Dropbox, and Formspring data breach back in 2012 and the sale of their users’ data. A jury found Russian hacker Yevgeniy Nikulin guilty for the hack of LinkedIn, Dropbox, and Formspring back in 2012 and for the sale of the stolen data on cybercrime black marketplaces. The Russian crim
Publish At:2020-07-11 14:15 | Read:222 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Cybercrime data breach Dro

Germany Seizes Server Hosting Pilfered U.S. Police Files

At the behest of the U.S. government, German authorities have seized a computer server that hosted a huge cache of files from scores of U.S. federal, state and local law enforcement agencies obtained in a Houston data breach last month.The server was being used by a WikiLeaks-like data transparency collective called Distributed Denial of Secrets to share doc
Publish At:2020-07-09 16:45 | Read:193 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response Data Protection Tracki

Powerful Conti Ransomware Emerges

A new ransomware family packs multiple unique features, including to improve performance and give its operators the option to only target networked SMB shares, VMware-owned Carbon Black reveals.Dubbed Conti, the malware improves performance through the use of “up to 32 simultaneous encryption efforts,” and is likely directly controlled by its operators, whic
Publish At:2020-07-09 09:02 | Read:110 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Virus & Malware

Over 5 Billion Unique Credentials Offered on Cybercrime Marketplaces

More than 15 billion username and password pairs have been offered on cybercrime marketplaces, including over 5 billion unique credentials, according to a report published on Wednesday by San Francisco-based risk protection solutions provider Digital Shadows.Over the past few years, Digital Shadows added to its breach repository more than 15 billion credenti
Publish At:2020-07-08 15:35 | Read:140 | Comments:0 | Tags:NEWS & INDUSTRY Fraud & Identity Theft Identity &

Magecart Group Hits 570 Websites in Three Years

Over the past three years, one of the groups operating under the Magecart umbrella has targeted over 570 e-commerce websites and likely made more than $7 million, threat intelligence company Gemini Advisory reports.Referred to as Keeper, the group operates 64 attacker and 73 exfiltration domains and has hit targets in 55 countries since April 1, 2017. All do
Publish At:2020-07-08 13:44 | Read:240 | Comments:0 | Tags:NEWS & INDUSTRY Fraud & Identity Theft Phishing Cybe

Hackers Find Way to Bypass Mitigation for Exploited BIG-IP Vulnerability

Researchers have found a way to bypass one of the mitigations proposed by F5 Networks for the actively exploited BIG-IP vulnerability, but malicious hackers leveraged the bypass method before its public disclosure.F5’s BIG-IP application delivery controller (ADC), specifically its Traffic Management User Interface (TMUI) configuration utility, is affected by
Publish At:2020-07-08 09:52 | Read:95 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Risk Management Vuln

Free Tool Enables Recovery of Files Encrypted by ThiefQuest Mac Malware

Researchers at endpoint security company SentinelOne have created a tool that enables users to recover files encrypted by the Mac malware named ThiefQuest, which poses as ransomware.ThiefQuest, initially named EvilQuest, is designed to encrypt files on compromised systems, but also allows its operators to log keystrokes, steal files, and take full control of
Publish At:2020-07-08 09:52 | Read:111 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Virus & Malware

Russian BEC Ring Targets Many Multinational Organizations

Over the past year, a Russian cybercrime group has launched over 200 business email compromise (BEC) campaigns targeting multinational organizations.Referred to as Cosmic Lynx, the threat actor has targeted individuals in 46 countries on six continents, nearly all of whom were employees of Fortune 500 or Global 2000 companies.“Even employees in countries not
Publish At:2020-07-08 09:52 | Read:149 | Comments:0 | Tags:NEWS & INDUSTRY Fraud & Identity Theft Phishing Cybe

Feds Unseal 2018 Indictment Charging Kazakh Man in Hacks

Two weeks after a cyber-security firm released the identity of an alleged hacker from Kazakhstan, federal authorities in Seattle on Tuesday unsealed a 2018 indictment charging the man with an array of computer crimes.Andrey Turchin, known in hacking circles as “fxmsp,” and his accomplices ran a prolific hacking ring that attacked hundreds of victims, includi
Publish At:2020-07-08 02:09 | Read:79 | Comments:0 | Tags:NEWS & INDUSTRY Tracking & Law Enforcement Cybercrim

Cerberus Banking Trojan Delivered via App Hosted on Google Play

A harmless-looking currency converter application downloaded by more than 10,000 users from Google Play was designed to deliver the Cerberus banking Trojan.A Malware-as-a-Service (Maas), Cerberus is known for its mobile remote access Trojan (mRAT) capabilities, as well as functionality through which it logs keystrokes and steals credentials, information from
Publish At:2020-07-08 02:09 | Read:166 | Comments:0 | Tags:Mobile Security NEWS & INDUSTRY Virus & Threats Phis

Microsoft Files Lawsuit to Seize Fake Domains Used in COVID-19-Themed BEC Attacks

Microsoft has filed a lawsuit in an effort to seize control of several domains used to launch COVID-19-themed cyberattacks against the company’s customers in 62 countries.The tech company started tracking the malicious activity in December 2019, after identifying it as a phishing scheme attempting to compromise Microsoft customer accounts and access emails,
Publish At:2020-07-07 18:26 | Read:201 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Fraud & Identity

EDP Renewables North America Discloses Data Breach

Renewable energy company EDP Renewables North America (EDPR NA) has started informing customers that its internal systems were breached by cybercriminals.EDPR NA is part of energy provider EDP Renováveis, which is headquartered in Madrid, Spain, and is a subsidiary of Energias de Portugal, the electric utilities company founded in 1976 by the government of P
Publish At:2020-07-07 14:34 | Read:263 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response Data Protection Cyberc


Share high-quality web security related articles with you:)