HackDig : Dig high-quality web security articles for hacker

ShadowPad in corporate networks

ShadowPad, part 2: Technical Details (PDF). In July 2017, during an investigation, suspicious DNS requests were identified in a partner’s network. The partner, which is a financial institution, discovered the requests originating on systems involved in the processing of financial transactions. Further investigation showed that the sour
Publish At:2017-08-15 14:15 | Read:366 | Comments:0 | Tags:Featured Research Backdoor DNS Software supply-chain attack

DNS Attacks Could Cost Your Company $2 Million a Year

The DNS (Domain Name System) is the keystone of the proper functioning of the internet. Each time you access your email or your Facebook, you’re using it. So when a DNS server is under attack and inaccessible, every website that it supports also becomes unavailable. DNS attacks have already had a major impact in the functioning of companies, and it turns out
Publish At:2017-07-27 11:30 | Read:723 | Comments:0 | Tags:Security b2b cybersecurity dns

A critical flaw allows hacking Linux machines with just a malicious DNS Response

A remote attacker can trigger the buffer overflow vulnerability to execute malicious code on affected Linux systems with just a malicious DNS response. Chris Coulson, Ubuntu developer at Canonical, has found a critical vulnerability in Linux that can be exploited to remotely hack machines running the popular OS. The flaw, tracked as CVE-2017-9445, resides in th
Publish At:2017-06-29 10:25 | Read:216 | Comments:0 | Tags:Breaking News Hacking DNS LINUX

Use of DNS Tunneling for C&C Communications

– Say my name. – 127.0.0.1! – You are goddamn right. Network communication is a key function for any malicious program. Yes, there are exceptions, such as cryptors and ransomware Trojans that can do their job just fine without using the Internet. However, they also require their victims to establish contact with the threat actor so they can
Publish At:2017-04-28 13:40 | Read:619 | Comments:0 | Tags:Blog Research Backdoor DNS Malware Descriptions Malware Tech

[SANS ISC] DNS Query Length… Because Size Does Matter

I published the following diary on isc.sans.org: “DNS Query Length… Because Size Does Matter”. In many cases, DNS remains a goldmine to detect potentially malicious activity. DNS can be used in multiple ways to bypass security controls. DNS tunnelling is a common way to establish connections with remote systems. It is often based on “
Publish At:2017-04-20 12:35 | Read:583 | Comments:0 | Tags:Logs Management / SIEM SANS Internet Storm Center Security D

DNS Evil Lurking Around Every Corner

Today, I came across a blog post that once again showcases the importance of properly managing DNS through its entire lifecycle. The article entitled “Respect My Authority – Hijacking Broken Nameservers to Compromise Your Target” (sic) was written by Matthew Bryant (@IAmMandatory). It can be found here. It’s a bit of a long read but serves as a great reminder a
Publish At:2017-01-24 15:10 | Read:1044 | Comments:0 | Tags:Featured Articles IT Security and Data Protection DNS Netsec

Switcher: Android joins the ‘attack-the-router’ club

Recently, in our never-ending quest to protect the world from malware, we found a misbehaving Android trojan. Although malware targeting the Android OS stopped being a novelty quite some time ago, this trojan is quite unique. Instead of attacking a user, it attacks the Wi-Fi network the user is connected to, or, to be precise, the wireless router that serves
Publish At:2016-12-28 11:20 | Read:1025 | Comments:0 | Tags:Blog Mobile DNS Google Android Mobile Malware Router

Hailstorm Spam in the Sights of New Detection System

The research teams at Cisco Talos and Umbrella have deployed a new system designed to detect hailstorm spam campaigns. Hailstorm spam is in some respects different from snowshoe spam. With the latter, a large number of IP addresses send out a low volume of spam email over an extended period of time. Snowshoe spam works that way to avoid raising any red flags
Publish At:2016-12-22 23:55 | Read:824 | Comments:0 | Tags:Latest Security News Cisco Talos DNS hailstorm spam malware

[CRITICAL] CVE-2015-7547: glibc getaddrinfo stack-based buffer overflow

Have you ever been deep in the mines of debugging and suddenly realized that you were staring at something far more interesting than you were expecting? You are not alone! Recently a Google engineer noticed that their SSH client segfaulted every time they tried to connect to a specific host. That engineer filed a ticket to investigate the behavior and after
Publish At:2016-11-20 03:20 | Read:1646 | Comments:0 | Tags:Application Security Cyber Security Cyber Security Research

DNS Analysis and Tools

In this article, we will take a look at the complete DNS process, DNS lookup, DNS reverse lookup, DNS zone transfer, etc. along with some tools to analyze & enumerate DNS traffic. Domain Name System (DNS) is a naming system used to convert human readable domain names like infosecinstitute.com into a numerical IP address. The process works like this:
Publish At:2016-11-04 20:45 | Read:732 | Comments:0 | Tags:DNS

Are the Days of “Booter” Services Numbered?

It may soon become easier for Internet service providers to anticipate and block certain types of online assaults launched by Web-based attack-for-hire services known as “booter” or “stresser” services, new research released today suggests. The findings come from researchers in Germany who’ve been studying patterns that emerge w
Publish At:2016-10-27 20:50 | Read:1236 | Comments:0 | Tags:Other AmpPot booter bulletproof hosting Christian Rossow Clo

US users were not able to reach Twitter and other sites due to DDoS on Dyn DNS Service

A severe distributed denial-of-service (DDoS) is targeting the Managed DNS infrastructure of cloud-based Internet performance management company Dyn. Many users of major websites are not able to reach web servi
Publish At:2016-10-22 03:55 | Read:1138 | Comments:0 | Tags:Breaking News Hacking botnet DDoS DNS Dyn DNS Service Intern

DYN Restores Service after DDoS Attack Downed Twitter, Spotify, Others

UPDATED 21/10/2016 11:15 EDT. DYN has restored service after a distributed denial-of-service (DDoS) attack against its DNS infrastructure took down Spotify, Twitter, and a host of other sites. The internet performance management company published a statement on its status page explaining that a DDoS attack was responsible for the service interruption: “Sta
Publish At:2016-10-22 02:00 | Read:824 | Comments:0 | Tags:Latest Security News DDoS DNS Spotify Twitter DDOS

DDoS on Dyn Impacts Twitter, Spotify, Reddit

Criminals this morning massively attacked Dyn, a company that provides core Internet services for Twitter, SoundCloud, Spotify, Reddit and a host of other sites, causing outages and slowness for many of Dyn’s customers. Twitter is experiencing problems, as seen through the social media platform Hootsuite. In a statement, Dyn said that this morning, Oct
Publish At:2016-10-21 17:50 | Read:1105 | Comments:0 | Tags:Other Akamai Anna_Senpai DDoS DNS Doug Madory Dyn internet o

Bitcoin Wallet Blockchain.info went down due to a DNS Hijacking

Blockchain.info, the world’s most popular Bitcoin wallet and Block Explorer service went down this week due to a DNS Hijacking attack. Crypto-currencies continue to be a privileged target of cyber criminals, Bitcoin wallets and services provided by many companies operating in the industries have been targeted by criminal organizations as never before.
Publish At:2016-10-13 10:30 | Read:792 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Bitcoin Blockchain Cybercr
