HackDig : Dig high-quality web security articles for hacker

BlackOasis APT and new targeted attacks leveraging zero-day exploit

More information about BlackOasis APT is available to customers of Kaspersky Intelligence Reporting Service. Contact: intelreports@kaspersky.com Introduction Kaspersky Lab has always worked closely with vendors to protect users. As soon as we find new vulnerabilities we immediately inform the vendor in a responsible manner and provide all the details require
Publish At:2017-10-21 15:05 | Read:120 | Comments:0 | Tags:Featured Research Adobe APT Microsoft Word Vulnerabilities a

The Festive Complexities of SIGINT-Capable Threat Actors

To read the full paper and learn more about this, refer to “Walking in Your Enemy’s Shadow: When Fourth-Party Collection Becomes Attribution Hell” Attribution is complicated under the best of circumstances. Sparse attributory indicators and the possibility of overt manipulation have proven enough for many researchers to shy away from the a
Publish At:2017-10-04 07:35 | Read:192 | Comments:0 | Tags:Events Featured Research APT Deception techniques Targeted A

Threat Landscape for Industrial Automation Systems in H1 2017

Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team (Kaspersky Lab ICS CERT) publishes the results of its research on the threat landscape for industrial automation systems for the first six months of 2017. All statistical data used in this report was collected using the Kaspersky Security Network (KSN), a distributed antivirus network. Th
Publish At:2017-09-28 17:00 | Read:89 | Comments:0 | Tags:Featured Industrial threats ICS Industrial control systems i

An (un)documented Word feature abused by attackers

A little while back we were investigating the malicious activities of the Freakyshelly targeted attack and came across spear phishing emails that had some interesting documents attached to them. They were in OLE2 format and contained no macros, exploits or any other active content. However, a close inspection revealed that they contained several links to PHP
Publish At:2017-09-18 17:05 | Read:138 | Comments:0 | Tags:Featured Research Microsoft Word Targeted Attacks Vulnerabil

Connected Medicine and Its Diagnosis

Medical data is slowly but surely migrating from paper mediums to the digital infrastructure of medical institutions. Today, the data is “scattered” across databases, portals, medical equipment, etc. In some cases, the security of the network infrastructure of such organizations is neglected, and resources that process medical information are acc
Publish At:2017-09-13 08:00 | Read:145 | Comments:0 | Tags:Featured Publications infrastructure Internet of Things Secu

Introducing WhiteBear

As a part of our Kaspersky APT Intelligence Reporting subscription, customers received an update in mid-February 2017 on some interesting APT activity that we called WhiteBear. Much of the contents of that report are reproduced here. WhiteBear is a parallel project or second stage of the Skipper Turla cluster of activity documented in another private intelli
Publish At:2017-08-30 19:50 | Read:322 | Comments:0 | Tags:Featured Research APT Cyber espionage Targeted Attacks Turla

Spam and phishing in Q2 2017

Spam: quarterly highlights Delivery service Trojans At the start of Q2 2017, we registered a wave of malicious mailings imitating notifications from well-known delivery services. Trojan downloaders were sent out in ZIP archives, and after being launched they downloaded other malware – Backdoor.Win32.Androm and Trojan.Win32.Kovter. The usual trick of present
Publish At:2017-08-22 09:10 | Read:270 | Comments:0 | Tags:Featured Quarterly Spam Reports Malicious spam Malware Descr

ShadowPad in corporate networks

ShadowPad, part 2: Technical Details (PDF) In July 2017, during an investigation, suspicious DNS requests were identified in a partner’s network. The partner, which is a financial institution, discovered the requests originating on systems involved in the processing of financial transactions. Further investigation showed that the sour
Publish At:2017-08-15 14:15 | Read:495 | Comments:0 | Tags:Featured Research Backdoor DNS Software supply-chain attack

IT threat evolution Q2 2017. Statistics

Q2 figures According to KSN data, Kaspersky Lab solutions detected and repelled 342,566,061 malicious attacks from online resources located in 191 countries all over the world. 33,006,783 unique URLs were recognized as malicious by web antivirus components. Attempted infections by malware that aims to steal money via online access to bank accounts were r
Publish At:2017-08-15 11:25 | Read:295 | Comments:0 | Tags:Featured Quarterly Malware Reports Financial malware Interne

IT threat evolution Q2 2017

Targeted attacks and malware campaigns Back to the future: looking for a link between old and new APTs This year’s Security Analyst Summit (SAS) included interesting research findings on several targeted attack campaigns. For example, researchers from Kaspersky Lab and King’s College London presented their findings on a possible link between Mo
Publish At:2017-08-15 11:25 | Read:222 | Comments:0 | Tags:Featured Quarterly Malware Reports APT Cyber espionage Finan

APT Trends report Q2 2017

Introduction Since 2014, Kaspersky Lab’s Global Research and Analysis Team (GReAT) has been providing threat intelligence reports to a wide range of customers worldwide, leading to the delivery of a full and dedicated private reporting service. Prior to the new service offering, GReAT published research online for the general public in an effort to hel
Publish At:2017-08-08 10:30 | Read:247 | Comments:0 | Tags:Featured Quarterly Malware Reports APT ExPetr fileless malwa

DDoS attacks in Q2 2017

News Overview The second quarter of 2017 saw DDoS attacks being more and more frequently used as a tool for political struggle. The Qatar crisis was accompanied by an attack on the website of Al Jazeera, the largest news network in the area, Le Monde and Le Figaro websites were targeted in the heat of the presidential election in France, and in Great Britain
Publish At:2017-08-01 17:45 | Read:355 | Comments:0 | Tags:Featured Quarterly Malware Reports Botnets DDoS-attacks Inte

ExPetr/Petya/NotPetya is a Wiper, Not Ransomware

After an analysis of the encryption routine of the malware used in the Petya/ExPetr attacks, we have thought that the threat actor cannot decrypt victims’ disk, even if a payment was made. This supports the theory that this malware campaign was not designed as a ransomware attack for financial gain. Instead, it appears it was designed as a wiper prete
Publish At:2017-06-28 19:25 | Read:337 | Comments:0 | Tags:Featured Incidents Petya Ransomware Wiper

Schroedinger’s Pet(ya)

Earlier today (June 27th), we received reports about a new wave of ransomware attacks spreading around the world, primarily targeting businesses in Ukraine, Russia and Western Europe. If you were one of the unfortunate victims, this screen might look familiar: Kaspersky Lab solutions successfully stop the attack through the System Watcher component. This te
Publish At:2017-06-27 20:10 | Read:410 | Comments:0 | Tags:Featured Incidents Data Encryption Malware Descriptions Rans

KSN Report: Ransomware in 2016-2017

This report has been prepared using depersonalized data processed by Kaspersky Security Network (KSN). The metrics are based on the number of distinct users of Kaspersky Lab products with the KSN feature enabled, who encountered ransomware at least once in a given period, as well as research into the ransomware threat landscape by Kaspersky Lab experts. Thi
Publish At:2017-06-26 07:20 | Read:427 | Comments:0 | Tags:Featured Publications Encryption Financial malware Malware S
