HackDig : Dig high-quality web security articles for hackers

SYSCON Backdoor Uses FTP as a C&C Channel

By Jaromir Horejsi (Threat Researcher) Bots can use various methods to establish a line of communication between themselves and their command-and-control (C&C) server. Usually, these are done via HTTP or other TCP/IP connections. However, we recently encountered a botnet that uses a more unusual method: an FTP server that, in effect, acts as a C&C se
Publish At:2017-10-05 23:30 | Read:5545 | Comments:0 | Tags:Malware backdoor FTP SYSCON

Experts discovered a SYSCON Backdoor using FTP Server as C&C

Security researchers with Trend Micro discovered a backdoor dubbed SYSCON that uses an FTP server for command and control (C&C) purposes. The SYSCON backdoor is spreading through tainted documents that refer North Korea and target individuals connected to the Red Cross and the World Health Organization. The use of an FTP server as C&C is uncommon fo
Publish At:2017-10-05 17:05 | Read:6370 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware backdoor botnet Cy

Chrome will label Resources delivered via FTP as “Not Secure”

Google continues the ongoing effort to communicate the transport security status of a given page labeling resources delivered via FTP as “Not secure” in Chrome, Last week, Google announced that future versions of Chrome will label resources delivered via the File Transfer Protocol (FTP) as “Not secure.” The security improvement will be implement
Publish At:2017-09-18 00:05 | Read:3550 | Comments:0 | Tags:Breaking News Security Chrome encryption FTP Google HTTPS

Attackers Targeting FTP Servers to Access Patient Health Data, Warns FBI

The FBI issued an alert to the healthcare industry warning of criminal actors actively targeting anonymous File Transfer Protocol (FTP) servers to access protected health information (PHI) and personally identifiable information (PII).According to the FBI’s Cyber Division, attackers are compromising such information from medical and dental entities in order
Publish At:2017-03-29 01:06 | Read:3464 | Comments:0 | Tags:Latest Security News anonymous data breach FTP Healthcare

Your Mouse Got Sick and You Don’t Know it. aka “Reverse Shell via Mouse”

Ever got a backdoor installed on your computer by your beloved mouse? Here’s the story of a poor mouse that got really, really sick. Agent “Danger Mouse” Do you remember the times where people put Teensy-boards and USB hubs in their mouses? [Chris? ;)] Their aim was to attach an additional Human Interface Device (HID, like keyboards or mous
Publish At:2016-07-30 02:50 | Read:5264 | Comments:0 | Tags:ERNW Insecurity Badge ftp gaming hid logitech maus mouse rev

12 Days of HaXmas: RCE in Your FTP

This post is the sixth in a series, 12 Days of HaXmas, where we take a look at some of more notable advancements and events in the Metasploit Framework over the course of 2014. It's been quite a year for shell bugs. Of course, we all know about Shellshock, the tragic bash bug that made the major media news. Most of us heard about the vulnerabilities in
Publish At:2014-12-31 00:00 | Read:4994 | Comments:1 | Tags:haxmas rce ftp osx bash client-side

FTP Brute Force Attacks?

Hacking websites using FTP access has been one of the most popular attack vectors during the last few year. I can still see many massive site infections done via FTP. In most cases, the first step of such attacks is stealing FTP credentials from local computers of webmasters. Back in 2009, I described how PC malware stole passwords saved in popular FTP clien
Publish At:2014-08-15 20:40 | Read:5940 | Comments:0 | Tags:Website exploits brute-force FTP log analysis

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud