HackDig : Dig high-quality web security articles for hacker

Fileless cryptocurrency miner CoinMiner uses NSA EternalBlue exploit to spread

A new fileless miner dubbed CoinMiner has appeared in the wild; it uses the NSA EternalBlue exploit and the WMI tool to spread. A new strain of cryptocurrency miner dubbed CoinMiner has appeared in the wild and, according to the experts, it is hard to detect and infects Windows PCs via the EternalBlue NSA exploit. CoinMiner is a fileless malware that leverages the WMI (Windows Ma
Publish At:2017-08-22 13:35 | Read:1696 | Comments:0 | Tags:Breaking News Cyber Crime Malware CoinMiner Cybercrime ETERN

Cryptocurrency Miner Uses WMI and EternalBlue To Spread Filelessly

By Buddy Tancio. Fileless malware can be a difficult threat to analyze and detect. It shouldn’t be a surprise that an increasing number of new malware threats are fileless, as threat actors use this technique to make both detection and forensic investigation more difficult. We recently found a new cryptocurrency miner (which we detect as TROJ64_COINMINER.QO)
Publish At:2017-08-21 22:35 | Read:2142 | Comments:0 | Tags:Exploits Malware cryptocurrency EternalBlue WMI

APT28 hackers are leveraging NSA Hacking tool to spy on Hotels guests

According to FireEye, the notorious Russia-linked APT28 group is behind an ongoing campaign targeting hotels in several European countries. According to FireEye, the notorious Russia-linked APT28 group (Pawn Storm, Fancy Bear, Sofacy, Sednit and Strontium) is behind an ongoing campaign targeting hotels in several European countries. The researchers observed
Publish At:2017-08-11 16:10 | Read:1782 | Comments:0 | Tags:APT Breaking News APT28 Cyberespionage Darkhotel ETERNALBLUE

Microsoft won’t patch the 20-year-old SMBv1 SMBloris flaw disclosed at DEF CON conference

Microsoft has announced that the SMBv1 SMBloris bug described at DEF CON won’t be patched because it could be fixed simply by blocking incoming connections. Recently, security researchers at RiskSense identified a 20-year-old Windows SMB vulnerability they called SMBloris (a nod to the Slowloris DoS attack); they presented their findings at the recen
Publish At:2017-07-31 06:15 | Read:1710 | Comments:0 | Tags:Breaking News Hacking DEF CON 25 ETERNALBLUE SMB SMBLoris Wi

DEF CON Talk Will Expose The Latest SMB Vulnerability SMBLoris

Security researchers at RiskSense have identified a 20-year-old Windows SMB vulnerability they are calling SMBloris; a DEF CON talk will expose it. Server Message Block (SMB) has been a foundational piece of Microsoft Windows’ networking all the way back to the LAN Manager days, facilitating “shared access to files, printers and serial ports.R
Publish At:2017-07-28 04:36 | Read:2151 | Comments:0 | Tags:Breaking News Hacking def con ETERNALBLUE SMB Windows Vulner

Eternal Blues scanner allowed to find 50,000 EternalBlue-vulnerable host

The Eternal Blues scanner allowed administrators worldwide to discover more than 50,000 computers vulnerable to the NSA-linked EternalBlue exploit. Recently the security researcher Elad Erez developed Eternal Blues, a free EternalBlue vulnerability scanner that could be used by administrators to assess networks. Now Elad Erez published data collected by the
Publish At:2017-07-14 00:15 | Read:1840 | Comments:0 | Tags:Breaking News Hacking Eternal Blues ETERNALBLUE malware vuln

Researcher released Eternal Blues, a free EternalBlue vulnerability scanner

The security researcher Elad Erez developed Eternal Blues, a free EternalBlue vulnerability scanner that could be used to assess networks. Now systems administrators and hackers have a new free tool, dubbed Eternal Blues, to scan networks looking for computers vulnerable to the NSA EternalBlue exploit. EternalBlue is one of the hacking tools that the ShadowBr
Publish At:2017-07-01 17:40 | Read:1881 | Comments:0 | Tags:Breaking News Hacking Eternal Blues ETERNALBLUE malware vuln

Large-Scale Ransomware Attack In Progress, Hits Europe Hard

A large-scale ransomware attack reported to be caused by a variant of the Petya ransomware is currently hitting various users, particularly in Europe. This variant, which Trend Micro already detects as RANSOM_PETYA.SMA, is known to use both the EternalBlue exploit and the PsExec tool as infection vectors. Users and organizations are thus advised to perform t
Publish At:2017-06-28 04:00 | Read:1364 | Comments:0 | Tags:Malware Ransomware EternalBlue ransomware WannaCry

NSA Exploit EternalBlue is becoming even common in hacking tools and malware

Security experts are observing a significant increase in the number of malware and hacking tools leveraging the ETERNALBLUE NSA exploit. ETERNALBLUE is the alleged NSA exploit that made the headlines with DOUBLEPULSAR in the WannaCry attack. ETERNALBLUE targets the SMBv1 protocol and has become widely adopted in the community of malware developers. Invest
Publish At:2017-06-04 02:20 | Read:1861 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware Cybercrime ETERNAL

MS-17-010: EternalBlue’s Large Non-Paged Pool Overflow in SRV Driver

The EternalBlue exploit took the spotlight last May as it became the tie that bound the spate of malware attacks these past few weeks—the pervasive WannaCry, the fileless ransomware UIWIX, the Server Message Block (SMB) worm EternalRocks, and the cryptocurrency mining malware Adylkuzz. EternalBlue (patched by Microsoft via MS17-010) is a security flaw relate
Publish At:2017-06-02 13:20 | Read:2397 | Comments:0 | Tags:Exploits Vulnerabilities EternalBlue MS17-010 Server Message

UIWIX, the Fileless Ransomware that leverages NSA EternalBlue Exploit to spread

Security experts discovered a new ransomware family, dubbed UIWIX, that uses the NSA-linked EternalBlue exploit for distribution. The effects of the militarization of cyberspace are dangerous and unpredictable. A malicious code developed by a government could create serious problems for Internet users; the recent WannaCry massive attack demonstrates i
Publish At:2017-05-20 05:35 | Read:3376 | Comments:0 | Tags:Breaking News Cyber Crime Malware Adylkuzz botnet Cybercrime

Not Just WannaCry: the EternalBlue Exploit Gives Rise to More Attacks

Since EternalBlue was first published, has anyone else used it? Or only the creators of WannaCry? Before we answer that question, let’s take a look at the history of the vulnerability that gave way to the EternalBlue exploit. October 25, 2001: Microsoft launches the Windows XP operating system, one of the company’s biggest successes. It contains,
Publish At:2017-05-19 02:30 | Read:2078 | Comments:0 | Tags:PandaLabs cryptocurrency eternalblue wannacry exploit
